CVE-2023-50943

🗓️ 24 Jan 2024 13:07:15Reported by GoogleType

osv🔗 osv.dev👁 15 Views

Apache Airflow vulnerability XCom data poisoning issue

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 12
Hacker One	Internet Bug Bounty: Pickle deserialization vulnerability in XComs	25 Jan 202414:29	–	hackerone
NVD	CVE-2023-50943	24 Jan 202413:15	–	nvd
Cvelist	CVE-2023-50943 Apache Airflow: Potential pickle deserialization vulnerability in XComs	24 Jan 202412:57	–	cvelist
OSV	GHSA-C3C6-F2WW-XFR2 Apache Airflow: pickle deserialization vulnerability in XComs	24 Jan 202415:30	–	osv
OSV	PYSEC-2024-13	24 Jan 202413:15	–	osv
OSV	BIT-AIRFLOW-2023-50943	6 Mar 202410:50	–	osv
Prion	Deserialization of untrusted data	24 Jan 202413:15	–	prion
Veracode	Deserialization Of Untrusted Data	25 Jan 202406:09	–	veracode
CNVD	Apache Airflow Code Execution Vulnerability (CNVD-2024-26531)	29 Jan 202400:00	–	cnvd
RedhatCVE	CVE-2023-50943	14 Feb 202512:39	–	redhatcve

Source	Link
lists	www.lists.apache.org/thread/fx278v0twqzxkcts70tc04cp3f8p56pn
openwall	www.openwall.com/lists/oss-security/2024/01/24/4
github	www.github.com/apache/airflow/pull/36255

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Jan 2024 13:15Current

7.2High risk

Vulners AI Score7.2

CVSS37.5

EPSS0.00161