First published: Fri Apr 07 2023(Updated: )
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider.This issue affects Apache Airflow Spark Provider: before 4.0.1.
Credit: security@apache.org security@apache.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apache Apache-airflow-providers-apache-spark | <4.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-28710 is an Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider.
CVE-2023-28710 affects Apache Airflow Spark Provider before version 4.0.1.
CVE-2023-28710 has a severity level of 7.5 (High).
To fix CVE-2023-28710, upgrade to Apache Airflow Spark Provider version 4.0.1 or later.
For more information about CVE-2023-28710, you can refer to the following references: [link1](http://www.openwall.com/lists/oss-security/2023/04/07/3), [link2](https://github.com/apache/airflow/pull/30223), [link3](https://lists.apache.org/thread/lb9w9114ow00h2nkn8bjm106v5x1p1d2)