In airflow.providers.apache.sqoop.hooks.sqoop.SqoopHook._prepare_command, users can control -libjars through libjars in Connection. -libjars makes sure each MR task gets these jars in classpath, So I can set this as a malicious Jar package, causing arbitrary system commands to be executed on the machine performing the MR task.
This is a screenshot of my email reporting this vulnerability
āāāāāāāāāā
Remote Code Execution