Описание
Apache Airflow Spark Provider vulnerable to improper input validation
Apache Software Foundation Apache Airflow Spark Provider before 4.0.1 is vulnerable to improper input validation because the host and schema of JDBC Hook can contain / and ? which is used to denote the end of the field.
Пакеты
Наименование
apache-airflow-providers-apache-spark
pip
Затронутые версииВерсия исправления
< 4.0.1
4.0.1
Связанные уязвимости
CVSS3: 7.5
nvd
почти 3 года назад
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider.This issue affects Apache Airflow Spark Provider: before 4.0.1.