CVE-2023-28710

CVE-2023-28710: Apache Airflow Spark Provider Arbitrary File Read via JDBC

Vendor Apache Software Foundation

Product Apache Airflow Spark Provider

Weakness CWE-20 · Input validation

Published April 7, 2023

Last update October 22, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider.This issue affects Apache Airflow Spark Provider: before 4.0.1.

Key dates

Disclosure timeline

April 7, 2023 CVE published

October 22, 2024 Record updated