Message-ID: <46feeb7c-00af-4cf6-486e-a122519904ec@apache.org>
Date: Mon, 26 Jun 2023 15:52:56 +0000
From: Elad Kalif <eladkal@...che.org>
To: oss-security@...ts.openwall.com
Subject: CVE-2023-34395: Apache Airflow ODBC Provider: Remote code execution vulnerability

Severity: moderate

Affected versions:
- Apache Airflow ODBC Provider before 4.0.0

Description:
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Software Foundation Apache Airflow ODBC Provider.
In OdbcHook, a privilege escalation vulnerability exists due to controllable ODBC driver parameters that allow the loading of arbitrary dynamic-link libraries, resulting in command execution. Starting with version 4.0.0, the driver can be set only from the hook constructor.

This issue affects Apache Airflow ODBC Provider: before 4.0.0.

Credit:
KmhlYXJ0 (finder)

References:
https://github.com/apache/airflow/pull/31713
https://airflow.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-34395
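To illustrate the mitigation described above (the driver pinned by the hook's caller rather than taken from attacker-controllable connection parameters), here is an added example; it is not Apache Airflow's code. The driver allow-list, the UnsafeConnectionParam class and the build_connection_string helper are constructed for this illustration.

```python
from __future__ import annotations

# Constructed stand-in for the driver names the ODBC driver manager knows;
# a real deployment would take this list from the manager (e.g. pyodbc.drivers()).
INSTALLED_DRIVERS: frozenset[str] = frozenset({
    "ODBC Driver 18 for SQL Server",
    "PostgreSQL Unicode",
})

# Connection-string keys whose value names a library for the driver manager to load.
_LIBRARY_KEYS = frozenset({"driver", "setup"})
# Characters that would let one value inject further key=value pairs.
_DELIMITERS = ";{}="


class UnsafeConnectionParam(ValueError):
    """An untrusted parameter would change which library is loaded or break the string."""


def validate_driver(driver: str) -> str:
    """Accept only an exact, registered driver name; a path or library file is refused."""
    if driver not in INSTALLED_DRIVERS:
        raise UnsafeConnectionParam(f"driver {driver!r} is not a registered ODBC driver")
    return driver


def _quote(value: str) -> str:
    """Brace-quote a value after refusing characters that act as delimiters."""
    if any(ch in value for ch in _DELIMITERS):
        raise UnsafeConnectionParam(f"value {value!r} contains a connection-string delimiter")
    return "{" + value + "}"


def build_connection_string(driver: str, server: str, database: str,
                            extras: dict[str, str] | None = None) -> str:
    """Build 'Key={Value};...' where the driver comes from the caller, never from extras."""
    parts = [f"Driver={_quote(validate_driver(driver))}",
             f"Server={_quote(server)}",
             f"Database={_quote(database)}"]
    for key, value in (extras or {}).items():
        if any(ch in key for ch in _DELIMITERS):
            raise UnsafeConnectionParam(f"key {key!r} contains a connection-string delimiter")
        # This is the vulnerable path: an extra that overrides Driver= picks the library.
        if key.lower() in _LIBRARY_KEYS:
            raise UnsafeConnectionParam(f"extra {key!r} may not override the driver")
        parts.append(f"{key}={_quote(value)}")
    return ";".join(parts)
```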