Vulnerabilities > Apache > Apache Airflow Providers Apache Hive > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-07-03 CVE-2023-35797 Unspecified vulnerability in Apache Apache-Airflow-Providers-Apache-Hive
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider. This issue affects Apache Airflow Apache Hive Provider: before 6.1.1. Before version 6.1.1 it was possible to bypass the security check to RCE via principal parameter.
network
low complexity
apache
critical
9.8
2023-02-24 CVE-2023-25696 Improper Input Validation vulnerability in Apache Apache-Airflow-Providers-Apache-Hive
Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3.
network
low complexity
apache CWE-20
critical
9.8
2022-12-20 CVE-2022-46421 Unspecified vulnerability in Apache Apache-Airflow-Providers-Apache-Hive
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0.
network
low complexity
apache
critical
9.8