Apache: >> Apache-Airflow-Providers-Apache-Spark >> 4.0.1 Security Vulnerabilities
Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server.
It is recommended to upgrade to a version that is not affected.
CVSS Score
7.5
EPSS Score
0.006
Published
2023-08-17