Vulnerabilities > Apache > Apache Airflow Providers Apache PIG > 2.0.0

DATE CVE VULNERABILITY TITLE RISK
2022-11-22 CVE-2022-40189 OS Command Injection vulnerability in Apache Airflow
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Pig Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files.
network
low complexity
apache CWE-78
critical
 9.8
9.8