CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Apache: >> Apache-Airflow-Providers-Jdbc Security Vulnerabilities

CVE-2023-22886

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider. Airflow JDBC Provider Connection’s [Connection URL] parameters had no restrictions, which made it possible to implement RCE attacks via different type JDBC drivers, obtain airflow server permission. This issue affects Apache Airflow JDBC Provider: before 4.0.0.

CVSS Score

8.8

EPSS Score

0.003

Published

2023-06-29

Page 1

Vulnerabilities

Vulnerable Software

Apache: >> Apache-Airflow-Providers-Jdbc Security Vulnerabilities

Products

Pricing

Contact Us