Airflow Sqoop Provider Apache Airflow Sqoop Provider

Do you want an email whenever new security vulnerabilities are reported in Apache Airflow Sqoop Provider?

By the Year

In 2024 there have been 0 vulnerabilities in Apache Airflow Sqoop Provider . Last year Airflow Sqoop Provider had 2 security vulnerabilities published. Right now, Airflow Sqoop Provider is on track to have less security vulnerabilities in 2024 than it did last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 2 9.30
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Airflow Sqoop Provider vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Apache Airflow Sqoop Provider Security Vulnerabilities

Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability

CVE-2023-27604 8.8 - High - August 28, 2023

Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via sqoop import --connect, obtain airflow server permissions, etc. The attacker needs to be logged in and have authorization (permissions) to create/edit connections. It is recommended to upgrade to a version that is not affected. This issue was reported independently by happyhacking-k, And Xie Jianming and LiuHui of Caiji Sec Team also reported it.

Improper Input Validation

Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider

CVE-2023-25693 9.8 - Critical - February 24, 2023

Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1.

Improper Input Validation

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Apache Airflow Providers Apache Sqoop or by Apache? Click the Watch button to subscribe.

Apache
Vendor

subscribe