CVE-2023-37379

🗓️ 23 Aug 2023 16:09:15Reported by GoogleType

osv🔗 osv.dev👁 14 Views

Apache Airflow vulnerability in versions prior to 2.7.0 allows authenticated user with edit privileges to exploit connection info and cause DoS

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 13
CNVD	Apache Airflow code issue vulnerability (CNVD-2023-85615)	25 Aug 202300:00	–	cnvd
OSV	BIT-AIRFLOW-2023-37379	6 Mar 202410:54	–	osv
OSV	PYSEC-2023-152	23 Aug 202316:15	–	osv
OSV	GHSA-X2MH-8FMC-RQGH Apache Airflow denial of service vulnerability	23 Aug 202318:30	–	osv
Vulnrichment	CVE-2023-37379 Apache Airflow: Exposure of sensitive connection information, DOS and SSRF on "test connection" feature	23 Aug 202315:38	–	vulnrichment
Hacker One	Internet Bug Bounty: SSRF Vulnerability through Connection test feature	25 Aug 202306:19	–	hackerone
NVD	CVE-2023-37379	23 Aug 202316:15	–	nvd
CVE	CVE-2023-37379	23 Aug 202316:15	–	cve
Prion	Improper access control	23 Aug 202316:15	–	prion
Veracode	Denial Of Service (DoS)	25 Aug 202308:52	–	veracode

Source	Link
lists	www.lists.apache.org/thread/g5c9vcn27lr14go48thrjpo6f4vw571r
openwall	www.openwall.com/lists/oss-security/2023/08/23/4
github	www.github.com/apache/airflow/pull/32052

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Aug 2023 16:15Current

7.8High risk

Vulners AI Score7.8

CVSS38.1

EPSS0.00133

SSVC