Message-ID: <20250406220904.GA22635@openwall.com>
Date: Mon, 7 Apr 2025 00:09:04 +0200
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Cc: Elad Kalif <eladkal@...che.org>
Subject: Re: CVE-2025-30473: Apache Airflow Common SQL Provider: Remote Code Execution via Sql Injection

On Sun, Apr 06, 2025 at 10:37:49AM +0200, Hanno Böck wrote:
> On Fri, 04 Apr 2025 18:54:21 +0000 Elad Kalif <eladkal@...che.org> wrote:
>
> > https://github.com/apache/airflow/pull/48098
>
> If I read this code correctly, the only thing this PR changes is to
> reject inputs with a ";" character.
> I am not familiar with the codebase, and also by no means an expert in
> SQL injections. But I am pretty sure there are ways to exploit SQL
> injections that do not involve a ";" character.
>
> Can anyone familiar with the issue check that this is indeed a proper
> fix?

Elad doesn't appear to be subscribed (as is usual and normal for reports
by Apache projects), so I am CC'ing him here.

The fix does indeed look weird to me as well, but I am not familiar with
the codebase, nor with the issue.

Alexander
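
The concern raised in this thread, shown as an added example that is not part of the original messages and is not Airflow code: a check that rejects ";" only blocks stacked statements, while a value interpolated into the SQL text can still alter the query, and binding the value as a parameter removes the problem. The table, function names and inputs below are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample data in an in-memory database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE jobs (owner TEXT, name TEXT)")
    db.executemany(
        "INSERT INTO jobs VALUES (?, ?)",
        [("alice", "etl_daily"), ("bob", "billing_export")],
    )
    return db


def jobs_denylist(db, owner):
    """Weak form: rejects ';' but still builds the SQL by string formatting."""
    if ";" in owner:
        raise ValueError("';' is not allowed")
    sql = f"SELECT name FROM jobs WHERE owner = '{owner}' ORDER BY name"
    return [row[0] for row in db.execute(sql)]


def jobs_bound(db, owner):
    """Corrected form: the value is bound and is never parsed as SQL."""
    sql = "SELECT name FROM jobs WHERE owner = ? ORDER BY name"
    return [row[0] for row in db.execute(sql, (owner,))]


# Constructed input: it contains no ';', so the deny-list accepts it,
# yet its quote character ends the string literal in the formatted query.
CRAFTED = "alice' OR '1'='1"


def compare(owner):
    """Return (deny-list result, bound-parameter result) for one input."""
    db = make_db()
    try:
        return jobs_denylist(db, owner), jobs_bound(db, owner)
    finally:
        db.close()


if __name__ == "__main__":
    for value in ("alice", CRAFTED):
        weak, bound = compare(value)
        print(f"{value!r}: deny-list={weak} bound={bound}")
```

With the bound form, the crafted value is compared as a literal owner name and matches nothing, while the deny-list form returns rows belonging to every owner.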