Apache Airflow Spark Provider, versions prior to 4.1.3, is affected by a vulnerability that allows an malicious user to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server. It is recommended to upgrade to a version that is not affected.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache apache-airflow-providers-apache-spark |