Loading HuntDB...

GHSA-85pf-r4c7-3j9r

GitHub Security Advisory

Apache Airflow Drill Provider vulnerable to improper input validation

✓ GitHub Reviewed HIGH Has CVE

Advisory Details

Apache Software Foundation's Apache Airflow Drill Provider before 2.3.2 is vulnerable to improper input validation because the host passed in drill connection is not sanitized.

Affected Packages

PyPI apache-airflow-providers-apache-drill
Affected versions: 0 (fixed in 2.3.2)

Related CVEs

Key Information

GHSA ID
GHSA-85pf-r4c7-3j9r
Published
April 7, 2023 3:30 PM
Last Modified
February 13, 2025 6:52 PM
CVSS Score
7.5 /10
Primary Ecosystem
PyPI
Primary Package
apache-airflow-providers-apache-drill
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 28, 2025 6:37 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.