HIGH 7.5

GHSA-h8p2-8g72-qpgh

Apache Airflow Google Provider Improper Input Validation vulnerability

Details

Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / apache-airflow-providers-google

Introduced in: 0 Fixed in: 8.10.0

Fix pip install --upgrade 'apache-airflow-providers-google>=8.10.0'

References

https://nvd.nist.gov/vuln/detail/CVE-2023-25692 [ADVISORY]
https://github.com/apache/airflow/pull/29499 [WEB]
https://github.com/apache/airflow [PACKAGE]
https://lists.apache.org/thread/ks4l78l5rwdpmvfn7y7yhs179nyxtlsh [WEB]