Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of Service
CVE-2023-25692

7.5HIGH

Key Information:

Vendor: Apache
Status: Apache Airflow Google Provider
Vendor: CVE Published:; 24 February 2023

What is CVE-2023-25692?

An improper input validation vulnerability has been identified in the Apache Airflow Google Provider, which affects versions prior to 8.10.0. This flaw may allow attackers to manipulate input to perform unauthorized actions or gain access to sensitive information. It is crucial for users running affected versions to review their configurations and apply the necessary updates to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Apache Airflow Google Provider 0 < 8.10.0

References

https://github.com/apache/airflow/pull/29499

patch

https://lists.apache.org/thread/ks4l78l5rwdpmvfn7y7yhs179...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 24, 2023
Vulnerability Reserved
Feb 12, 2023

Credit

Xie Jianming of Caiji Sec Team

JSON

Apache

What is CVE-2023-25692?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.