CVE-2023-28706

CVE-2023-28706: Apache Airflow Hive Provider Beeline Remote Command Execution

Vendor Apache Software Foundation

Product Apache Airflow Hive Provider

Weakness CWE-94 · Code injection

Published April 7, 2023

Last update October 22, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 6.0.0.

Key dates

Disclosure timeline

April 7, 2023 CVE published

October 22, 2024 Record updated