CVE-2023-22886

CVE-2023-22886

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider.
Airflow JDBC Provider Connection’s [Connection URL] parameters had no
restrictions, which made it possible to implement RCE attacks via
different type JDBC drivers, obtain airflow server permission.
This issue affects Apache Airflow JDBC Provider: before 4.0.0.

Source: CVE-2023-22886

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다