CVE-2023-28707

CVE-2023-28707: Airflow Apache Drill Provider Arbitrary File Read Vulnerability

Vendor Apache Software Foundation

Product Apache Airflow Drill Provider

Weakness CWE-20 · Input validation

Published April 7, 2023

Last update February 13, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2.

Key dates

Disclosure timeline

April 7, 2023 CVE published

February 13, 2025 Record updated