admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2025/CVE-2025-270xx/CVE-2025-27018.json
cad-safe-bot 6d2818943d Auto-Update: 2025-03-19T11:00:20.471466+00:00
2025-03-19 11:03:49 +00:00

45 lines
2.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2025-27018",
"sourceIdentifier": "security@apache.org",
"published": "2025-03-19T09:15:14.457",
"lastModified": "2025-03-19T09:15:14.457",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Airflow MySQL Provider.\n\nWhen user triggered a DAG with dump_sql or load_sql functions they could pass a table parameter from a UI, that could cause SQL injection by running SQL that was not intended.\nIt could lead to data corruption, modification and others.\nThis issue affects Apache Airflow MySQL Provider: before 6.2.0.\n\nUsers are recommended to upgrade to version 6.2.0, which fixes the issue."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una instrucci\u00f3n SQL ('Inyecci\u00f3n SQL') en Apache Airflow MySQL Provider. Al activar un DAG con las funciones dump_sql o load_sql, el usuario pod\u00eda pasar un par\u00e1metro de tabla desde una interfaz de usuario, lo que pod\u00eda causar una inyecci\u00f3n SQL al ejecutar SQL no previsto. Esto pod\u00eda provocar corrupci\u00f3n y modificaci\u00f3n de datos, entre otros problemas. Este problema afecta a Apache Airflow MySQL Provider anterior a la versi\u00f3n 6.2.0. Se recomienda actualizar a la versi\u00f3n 6.2.0, que soluciona el problema."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/apache/airflow/pull/47254",
"source": "security@apache.org"
},
{
"url": "https://github.com/apache/airflow/pull/47255",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/m8ohgkwz4mq9njohf66sjwqjdy28gvzf",
"source": "security@apache.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink