Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider.
Airflow JDBC Provider Connection’s [Connection URL] parameters had no
restrictions, which made it possible to implement RCE attacks via
different type JDBC drivers, obtain airflow server permission.
This issue affects Apache Airflow JDBC Provider: before 4.0.0.
Metrics
Affected Vendors & Products
References
History
Mon, 07 Oct 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2024-10-07T18:27:17.133Z
Reserved: 2023-01-09T19:24:49.530Z
Link: CVE-2023-22886

Updated: 2024-08-02T10:20:31.306Z

Status : Modified
Published: 2023-06-29T10:15:09.650
Modified: 2024-11-21T07:45:34.853
Link: CVE-2023-22886

No data.