CRITICAL 9.8
PYSEC-2026-272
Apache Airflow Hive Provider Improper Input Validation vulnerability
Details
Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3.
Are you affected?
Enter the version of the package you're using.
Affected packages
PyPI / apache-airflow-providers-apache-hive
Introduced in:
0 Fixed in: 5.1.3 Fix
pip install --upgrade 'apache-airflow-providers-apache-hive>=5.1.3' References
- https://nvd.nist.gov/vuln/detail/CVE-2023-25696 [ADVISORY]
- https://github.com/apache/airflow/pull/29502 [WEB]
- https://github.com/apache/airflow [PACKAGE]
- https://lists.apache.org/thread/99g0qm56wmgdxmbtdsvhj4rdnxhpzpml [WEB]
- https://pypi.org/project/apache-airflow-providers-apache-hive [PACKAGE]
- https://github.com/advisories/GHSA-9mwf-mw74-9cv5 [ADVISORY]