CVE-2023-25693: Apache Airflow Sqoop Provider Improper Input Validation vulnerability

February 24, 2023 (updated February 13, 2025)

Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1.

References

github.com/advisories/GHSA-j69x-v4wc-3fpf
github.com/apache/airflow
github.com/apache/airflow/pull/29500
lists.apache.org/thread/79qn8g5xbq036f8crb115obvr22l52q4
nvd.nist.gov/vuln/detail/CVE-2023-25693

Code Behaviors & Features

Detect and mitigate CVE-2023-25693 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →