Vulnerabilities > Apache > Apache Airflow Providers Apache Pinot > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-11-22 CVE-2022-38649 OS Command Injection vulnerability in Apache Airflow
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files.
network
low complexity
apache CWE-78
critical
9.8