Apache Apache-airflow-providers-apache-spark — known CVE vulnerabilities
Every CVE whose affected-product data names Apache Apache-airflow-providers-apache-spark, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2023-40272 — CVSS 7.5 (high): Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious…
CVE-2022-40954 — CVSS 5.5 (medium): Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Spark Provider…