CVE-2023-40195: Apache Airflow vulnerable to arbitrary code execution via Spark server
8.8
Basic Information
Technical Details
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| apache-airflow-providers-apache-spark | pip | < 4.1.3 | 4.1.3 |
Vulnerability Intelligence (Miggo AI)
Root Cause Analysis
The vulnerability stems from a misconfiguration risk rather than a specific code flaw. The referenced commit (6850b5c) only adds a documentation warning that the host setting of a Spark connection must be trusted, which indicates that the core issue is improper control over Spark hook configuration (CWE-829) combined with potential deserialization risks (CWE-502) when Airflow connects to an untrusted Spark server. The patch contains no code changes, and the advisory does not identify specific functions that handle deserialization or server communication. The vulnerability manifests through the ability to configure connection parameters (such as host) rather than through a specific function with insecure deserialization logic. Without explicit code examples or function-level patches, vulnerable functions cannot be confidently pinpointed.