apache-airflow-providers-mysql@5.5.3rc1 vulnerabilities

Provider package apache-airflow-providers-mysql for Apache Airflow

latest version

6.2.2

latest non vulnerable version

first published

4 years ago

latest version published

18 hours ago

licenses detected

Apache-2.0
[0,)

View apache-airflow-providers-mysql package health on Snyk Advisor (opens in a new tab)

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the apache-airflow-providers-mysql package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M SQL Injection apache-airflow-providers-mysql is a provider for Apache Airflow Affected versions of this package are vulnerable to SQL Injection through the `dump_sql()` or `load_sql()` functions. A user can inject DML into a table parameter from the UI on a DAG that uses one of these functions. How to fix SQL Injection? Upgrade `apache-airflow-providers-mysql` to version 6.2.0rc1 or higher.	[,6.2.0rc1)

Go back to all versions of this package