Vulnerabilities > Apache > Apache Airflow Providers Jdbc > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-29 | CVE-2023-22886 | Improper Input Validation vulnerability in Apache Apache-Airflow-Providers-Jdbc Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider. Airflow JDBC Provider Connection’s [Connection URL] parameters had no restrictions, which made it possible to implement RCE attacks via different type JDBC drivers, obtain airflow server permission. This issue affects Apache Airflow JDBC Provider: before 4.0.0. | 8.8 |