Lucene search
ApacheCVE-2023-25691HistoryFeb 24, 2023 - 12:15 p.m.
CVE-2023-25691
2023-02-2412:15:30
CWE-20
apache
web.nvd.nist.gov
39
cve-2023-25691
improper input validation
apache airflow
google provider
nvd
security vulnerability
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.3
Confidence
High
EPSS
0.002
Percentile
58.0%
Improper Input Validation vulnerability in the Apache Airflow Google Provider.
This issue affects Apache Airflow Google Provider versions before 8.10.0.
Affected configurations
Node
apacheapache-airflow-providers-googleRange<8.10.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apache | apache-airflow-providers-google | * | cpe:2.3:a:apache:apache-airflow-providers-google:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache Airflow Google Provider",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "8.10.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
cvelist
cvelist
cnvd
cnvd
Apache Airflow Google Provider Input Validation Error Vulnerability
2023-02-28 00:00:00
github
github
Apache Airflow Google Provider Improper Input Validation vulnerability
2023-02-24 12:31:20
nvd
nvd
CVE-2023-25691
2023-02-24 12:15:30
osv
osv
Apache Airflow Google Provider Improper Input Validation vulnerability
2023-02-24 12:31:20
CVE-2023-25691
2023-02-24 12:15:30
prion
prion
Input validation
2023-02-24 12:15:00
veracode
veracode
Remote Code Execution (RCE)
2023-02-28 09:32:14
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.3
Confidence
High
EPSS
0.002
Percentile
58.0%
Related for CVE-2023-25691