by vicarius
log in join community
by @jakaba
09 Aug 2023
#cve_analysis

Write a blog analysis for a CVE

publish

SQL injection in Apache Airflow MySQL provider (CVE-2023-22884)

by @jakaba
by @jakaba
09 Aug 2023
#cve_analysis

Write a blog analysis for a CVE

publish

SQL injection in Apache Airflow MySQL provider (CVE-2023-22884)

CVEs

CVE-2023-22884
9.8 Critical Severity

Apps

A
AirflowApache
1.0.0:.*
2.0.0:.*
*.*
1.7.1.3.*
1.7.1.2.*
1.7.1.1.*
1.10.11.*
1.10.12.*
0.4.5.*
1.10.8.*
A
Apache-Airflow-Providers-MysqlApache
5.0.0.*
2.2.2.*
4.0.0.*
3.1.0.*
3.4.0.*
3.2.1.*
2.0.0.*
4.0.2.*
2.2.0.*
3.3.0.*
AMP
Airflow Mysql ProviderApache
*.*

Screenshots from the blog posts

images/clksbuvf404fy1ils6e4g4fto.jpgimages/clksbuvf404fy1ils6e4g4fto.jpg

PoC video

Summary

In this CVE analysis I try to investigate a critical security flaw identified within Apache Airflow as **CVE-2023-22884**.

Description

Tags

#APACHE#SQLi#CVE-2023-22884#Airflow
users/photos/clj8b3h1k16g10uoihwvzgsxi.png

@jakaba

44 posts

Total vcoins

41.1K

Social media links

Comments (0)