Vulnerabilities > Apache > Apache Airflow Providers Jdbc > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-29 CVE-2023-22886 Improper Input Validation vulnerability in Apache Apache-Airflow-Providers-Jdbc
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider. Airflow JDBC Provider Connection’s [Connection URL] parameters had no restrictions, which made it possible to implement RCE attacks via different type JDBC drivers, obtain airflow server permission. This issue affects Apache Airflow JDBC Provider: before 4.0.0.
network
low complexity
apache CWE-20
8.8