Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2023-41267

šŸ—“ļøĀ 14 Sep 2023Ā 07:46:42Reported byĀ apacheTypeĀ 
cve
Ā cvešŸ”—Ā web.nvd.nist.govšŸ‘Ā 46Ā Views

Apache Airflow HDFS Provider allows for execution of code via an incorrect pip package (CVE-2023-41267)

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
Circl		CVE-2023-41267
14 Sep 202312:24
ā€“circl
CNNVD		Apache Airflow 安å…Øę¼ę“ž
14 Sep 202300:00
ā€“cnnvd
CNVD		SiYuan Notes Software Web App is a privacy-first personal knowledge management system that supports full offline use as well as end-to-end encrypted synchronization. Yunnan ChainDrop Technology Co., Ltd. has an XSS vulnerability in the Siyuan Notes Software Web application, which can be exploited by attackers to obtain sensitive information such as user cookies.
18 Sep 202300:00
ā€“cnvd
Cvelist		CVE-2023-41267 Apache HDFS Provider error message suggested installation of incorrect pip package
14 Sep 202307:46
ā€“cvelist
EUVD		EUVD-2023-2432
3 Oct 202520:07
ā€“euvd
Tenable Nessus		Fedora 40 : golang-cloud-google / golang-cloud-google-bigquery / etc (2023-f23d9c5057)
29 Apr 202400:00
ā€“nessus
Github Security Blog		Apache HDFS Provider error message suggested
14 Sep 202309:30
ā€“github
NVD		CVE-2023-41267
14 Sep 202308:15
ā€“nvd
OSV		GHSA-5HJ9-M76G-XRC8 Apache HDFS Provider error message suggested
14 Sep 202309:30
ā€“osv
Prion		Code injection
14 Sep 202308:15
ā€“prion
Rows per page
NVD
Vulners
Vulnrichment
Node
apacheairflow_hdfs_providerRange<4.1.1
[
  {
    "collectionURL": "https://pypi.python.org/",
    "defaultStatus": "unaffected",
    "packageName": "apache-airflow-providers-apache-hdfs",
    "product": "Apache Airflow HDFS Provider",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "4.1.1",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
13 Feb 2025 17:17Current
7.5High risk
Vulners AI Score7.5
CVSS 3.17.8
EPSS0.00492
SSVC
CWE-829
apache airflowhdfs providercve-2023-41267security vulnerabilitycode executionpip packagenvdapache airflow 4.1.1
46