Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an malicious user to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read files on the Airflow server. This issue affects Apache Airflow Drill Provider: prior to 2.4.3. It is recommended to upgrade to a version that is not affected.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache apache-airflow-providers-apache-drill |