'[oss-security] CVE-2023-25692: Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of S'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2023-25692: Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of S
From:       Jarek Potiuk <potiuk () apache ! org>
Date:       2023-02-23 17:43:10
Message-ID: 6a6d77d1-ca77-0286-12d7-3e5e2e5fa1f6 () apache ! org
[Download RAW message or body]

Severity: low

Description:

Improper Input Validation vulnerability in the Apache Airflow Google Provider.

This issue affects Apache Airflow Google Provider versions before 8.10.0.

Credit:

Xie Jianming of Caiji Sec Team (finder)

References:

https://github.com/apache/airflow/pull/29499
https://airflow.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-25692

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic