Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache apache-airflow-providers-apache-spark vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40195
Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Software Foundation Apache Airflow Spark Provider. When the Apache Spark provider is installed on an Airflow deployment, an Airflow user that is authorized to confi...
Apache Airflow Spark Provider
NA
CVE-2023-40272
Apache Airflow Spark Provider, versions prior to 4.1.3, is affected by a vulnerability that allows an malicious user to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server. It is recommended to upgrade to a version...
Apache Apache-airflow-providers-apache-spark
NA
CVE-2023-28710
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider.This issue affects Apache Airflow Spark Provider: prior to 4.0.1.
Apache Apache-airflow-providers-apache-spark
NA
CVE-2022-40954
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Spark Provider, Apache Airflow allows an malicious user to read arbtrary files in the task execution context, without write access to DAG files. Th...
Apache Airflow
Apache Apache-airflow-providers-apache-spark
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started