CVE-2023-25693 – apache-airflow-providers-apache-sqoop

Package

Manager: pip
Name: apache-airflow-providers-apache-sqoop
Vulnerable Version: >=0 <3.1.1

Severity

Level: Critical

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00483 pctl0.64257

Details

Apache Airflow Sqoop Provider Improper Input Validation vulnerability Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1.

Metadata

Created: 2023-02-24T12:31:20Z
Modified: 2025-02-13T16:50:01Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/02/GHSA-j69x-v4wc-3fpf/GHSA-j69x-v4wc-3fpf.json
CWE IDs: ["CWE-20"]
Alternative ID: GHSA-j69x-v4wc-3fpf
Finding: F184
Auto approve: 1