Apache Software Foundation Apache Airflow Hive Provider vulnerabilities

CVE-2023-28706 [CRITICAL] CWE-94 CVE-2023-28706: Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundatio Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 6.0.0.

CVE-2023-25696 [CRITICAL] CWE-20 CVE-2023-25696: Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apa Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3.

CVE-2022-46421 [CRITICAL] CWE-77 CVE-2022-46421: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0.

CVE-2022-41131 [HIGH] CWE-78 CVE-2022-41131: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerabi Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Hive Provider, Apache Airflow allows an attacker to execute arbtrary commands in the task execution context, without write access to DAG files. This issue affects Hive Provider versions prior to 4.1.0. It also impacts any Apache Ai