{"uuid": "33d54df8-138f-49a8-bd79-99386e1d30d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35798", "type": "seen", "source": "https://t.me/cibsecurity/65570", "content": "\u203c CVE-2023-35798 \u203c\n\nInput Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.This\u00c2\u00a0vulnerability is considered low since it requires DAG code to use `get_sqlalchemy_connection` and someone with access to connection resources specifically\u00c2\u00a0updating the connection to exploit it.This issue affects Apache Airflow ODBC Provider: before 4.0.0; Apache Airflow MSSQL Provider: before 3.4.1.It is recommended to\u00c2\u00a0upgrade to a version that is not affected\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T16:33:44.000000Z"}