Search
Find a vulnerability
Search criteria
4 vulnerabilities found for Apache Airflow Sqoop Provider by Apache Software Foundation
CVE-2023-27604 (GCVE-0-2023-27604)
Vulnerability from nvd – Published: 2023-08-28 07:47 – Updated: 2024-09-27 18:46
VLAI
EPSS
VEX
Title
Apache Airflow Sqoop Provider: Airflow Sqoop Provider RCE Vulnerability
Summary
Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. The attacker needs to be logged in and have authorization (permissions) to create/edit connections.
It is recommended to upgrade to a version that is not affected.
This issue was reported independently by happyhacking-k, And Xie Jianming and LiuHui of Caiji Sec Team also reported it.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/apache/airflow/pull/33039 | patch |
| https://lists.apache.org/thread/lswlxf11do51ob7f6… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Airflow Sqoop Provider |
Affected:
0 , < 4.0.0
(semver)
|
|
| apache | airflow_sqoop_provider |
Affected:
0 , < 4.0.0
(custom)
cpe:2.3:a:apache:airflow_sqoop_provider:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:16:36.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/apache/airflow/pull/33039"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/lswlxf11do51ob7f6xyyg8qp3n7wdrgd"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:airflow_sqoop_provider:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "airflow_sqoop_provider",
"vendor": "apache",
"versions": [
{
"lessThan": "4.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T18:45:03.537743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T18:46:43.906Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Airflow Sqoop Provider",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "4.0.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "happyhacking-k"
},
{
"lang": "en",
"type": "finder",
"value": "Xie Jianming of Caiji Sec Team"
},
{
"lang": "en",
"type": "finder",
"value": "Liu Hui of Caiji Sec Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via \u2018sqoop import --connect\u2019, obtain airflow server permissions, etc. T\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ehe attacker needs to be logged in and have authorization (permissions) to create/edit connections.\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e It is recommended to upgrade to a version that is not affected.\u003cbr\u003eThis issue was reported independently by \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ehappyhacking-k\u003c/span\u003e, And Xie Jianming and LiuHui of Caiji Sec Team also reported it."
}
],
"value": "Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via \u2018sqoop import --connect\u2019, obtain airflow server permissions, etc. The attacker needs to be logged in and have authorization (permissions) to create/edit connections.\n\n It is recommended to upgrade to a version that is not affected.\nThis issue was reported independently by happyhacking-k, And Xie Jianming and LiuHui of Caiji Sec Team also reported it."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-28T07:47:29.702Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/apache/airflow/pull/33039"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/lswlxf11do51ob7f6xyyg8qp3n7wdrgd"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Airflow Sqoop Provider: Airflow Sqoop Provider RCE Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-27604",
"datePublished": "2023-08-28T07:47:29.702Z",
"dateReserved": "2023-03-04T16:47:10.813Z",
"dateUpdated": "2024-09-27T18:46:43.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25693 (GCVE-0-2023-25693)
Vulnerability from nvd – Published: 2023-02-24 11:48 – Updated: 2025-02-13 14:27
VLAI
EPSS
VEX
Title
Sqoop Apache Airflow Provider Remote Code Execution Vulnerability
Summary
Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider.
This issue affects Apache Airflow Sqoop Provider versions before 3.1.1.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/apache/airflow/pull/29500 | patch |
| https://lists.apache.org/thread/79qn8g5xbq036f8cr… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Airflow Sqoop Provider |
Affected:
0 , < 3.1.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:25:19.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/apache/airflow/pull/29500"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/79qn8g5xbq036f8crb115obvr22l52q4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-25693",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-13T14:26:37.171048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-13T14:27:04.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Airflow Sqoop Provider",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "3.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": " L3yx of Syclover Security Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider.\u003cbr\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache Airflow Sqoop Provider versions before 3.1.1.\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider.\n\nThis issue affects Apache Airflow Sqoop Provider versions before 3.1.1.\n\n"
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-24T11:48:11.397Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/apache/airflow/pull/29500"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/79qn8g5xbq036f8crb115obvr22l52q4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sqoop Apache Airflow Provider Remote Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-25693",
"datePublished": "2023-02-24T11:48:11.397Z",
"dateReserved": "2023-02-12T23:28:53.552Z",
"dateUpdated": "2025-02-13T14:27:04.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27604 (GCVE-0-2023-27604)
Vulnerability from cvelistv5 – Published: 2023-08-28 07:47 – Updated: 2024-09-27 18:46
VLAI
EPSS
VEX
Title
Apache Airflow Sqoop Provider: Airflow Sqoop Provider RCE Vulnerability
Summary
Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via ‘sqoop import --connect’, obtain airflow server permissions, etc. The attacker needs to be logged in and have authorization (permissions) to create/edit connections.
It is recommended to upgrade to a version that is not affected.
This issue was reported independently by happyhacking-k, And Xie Jianming and LiuHui of Caiji Sec Team also reported it.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/apache/airflow/pull/33039 | patch |
| https://lists.apache.org/thread/lswlxf11do51ob7f6… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Airflow Sqoop Provider |
Affected:
0 , < 4.0.0
(semver)
|
|
| apache | airflow_sqoop_provider |
Affected:
0 , < 4.0.0
(custom)
cpe:2.3:a:apache:airflow_sqoop_provider:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:16:36.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/apache/airflow/pull/33039"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/lswlxf11do51ob7f6xyyg8qp3n7wdrgd"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:airflow_sqoop_provider:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "airflow_sqoop_provider",
"vendor": "apache",
"versions": [
{
"lessThan": "4.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T18:45:03.537743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T18:46:43.906Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Airflow Sqoop Provider",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "4.0.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "happyhacking-k"
},
{
"lang": "en",
"type": "finder",
"value": "Xie Jianming of Caiji Sec Team"
},
{
"lang": "en",
"type": "finder",
"value": "Liu Hui of Caiji Sec Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via \u2018sqoop import --connect\u2019, obtain airflow server permissions, etc. T\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ehe attacker needs to be logged in and have authorization (permissions) to create/edit connections.\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e It is recommended to upgrade to a version that is not affected.\u003cbr\u003eThis issue was reported independently by \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ehappyhacking-k\u003c/span\u003e, And Xie Jianming and LiuHui of Caiji Sec Team also reported it."
}
],
"value": "Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via \u2018sqoop import --connect\u2019, obtain airflow server permissions, etc. The attacker needs to be logged in and have authorization (permissions) to create/edit connections.\n\n It is recommended to upgrade to a version that is not affected.\nThis issue was reported independently by happyhacking-k, And Xie Jianming and LiuHui of Caiji Sec Team also reported it."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-28T07:47:29.702Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/apache/airflow/pull/33039"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/lswlxf11do51ob7f6xyyg8qp3n7wdrgd"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Airflow Sqoop Provider: Airflow Sqoop Provider RCE Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-27604",
"datePublished": "2023-08-28T07:47:29.702Z",
"dateReserved": "2023-03-04T16:47:10.813Z",
"dateUpdated": "2024-09-27T18:46:43.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25693 (GCVE-0-2023-25693)
Vulnerability from cvelistv5 – Published: 2023-02-24 11:48 – Updated: 2025-02-13 14:27
VLAI
EPSS
VEX
Title
Sqoop Apache Airflow Provider Remote Code Execution Vulnerability
Summary
Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider.
This issue affects Apache Airflow Sqoop Provider versions before 3.1.1.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/apache/airflow/pull/29500 | patch |
| https://lists.apache.org/thread/79qn8g5xbq036f8cr… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Airflow Sqoop Provider |
Affected:
0 , < 3.1.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:25:19.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/apache/airflow/pull/29500"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/79qn8g5xbq036f8crb115obvr22l52q4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-25693",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-13T14:26:37.171048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-13T14:27:04.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Airflow Sqoop Provider",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "3.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": " L3yx of Syclover Security Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider.\u003cbr\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Apache Airflow Sqoop Provider versions before 3.1.1.\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider.\n\nThis issue affects Apache Airflow Sqoop Provider versions before 3.1.1.\n\n"
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-24T11:48:11.397Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/apache/airflow/pull/29500"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/79qn8g5xbq036f8crb115obvr22l52q4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sqoop Apache Airflow Provider Remote Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-25693",
"datePublished": "2023-02-24T11:48:11.397Z",
"dateReserved": "2023-02-12T23:28:53.552Z",
"dateUpdated": "2025-02-13T14:27:04.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}