Headline
GHSA-85pf-r4c7-3j9r: Apache Airflow Drill Provider vulnerable to improper input validation
Apache Software Foundation’s Apache Airflow Drill Provider before 2.3.2 is vulnerable to improper input validation because the host passed in drill connection is not sanitized.
Apache Airflow Drill Provider vulnerable to improper input validation
Moderate severity GitHub Reviewed Published Apr 7, 2023 to the GitHub Advisory Database • Updated Apr 7, 2023
Related news
CVE-2023-28707: Sanitize host in drill hook by potiuk · Pull Request #30215 · apache/airflow
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2.