by @jakaba
09 Aug 2023

SQL injection in Apache Airflow MySQL provider (CVE-2023-22884) - PoC + exploit

by @jakaba
09 Aug 2023

SQL injection in Apache Airflow MySQL provider (CVE-2023-22884) - PoC + exploit

OS

Linux
LinuxOracle
8.10.*
6.10.*
7.7.*
8.9.*
7.4.*
5.9.*
5.10
5.*
5.9
5.11

Apps

A
AirflowApache
1.0.0:.*
2.0.0:.*
*.*
1.7.1.3.*
1.7.1.2.*
1.7.1.1.*
1.10.11.*
1.10.12.*
0.4.5.*
1.10.8.*
5.0.0.*
2.2.2.*
4.0.0.*
3.1.0.*
3.4.0.*
3.2.1.*
2.0.0.*
4.0.2.*
2.2.0.*
3.3.0.*

PoC video

Summary

Proof of Concept for CVE-2023-22884 that is an Apache Airflow SQL injection vulnerability.

general

Description

users/photos/clj8b3h1k16g10uoihwvzgsxi.png

@jakaba

74 posts

Total vcoins

64.3K

Social media links

Comments (0)