Lucene search
K

6 matches found

vulnersOsv
vulnersOsv
added 2022/02/26 12:0 a.m.3 views

acceldata-o2a (=1.0.0), acryl-datahub-airflow-plugin (>=0.9.5.1rc1 <=1.3.1.post1) +124 more potentially affected by CVE-2021-45229 via apache-airflow (>=1.8.2 <=2.2.3)

apache-airflow PYPI version =1.8.2, =0.9.5.1rc1, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =0.10.2, =0.11.0 - airflow-ditto =0.0.1.2 and more Source cves: CVE-2021-45229 Source advisory: OSV:GHSA-65XW-PCQW-HJRH...

6.1CVSS6.3AI score0.02561EPSS
Exploits0
Circl
Circl
added 2022/02/25 12:20 p.m.5 views

CVE-2021-45229

creationtimestamp| type| source ---|---|--- 2022-02-25 12:20:29+00:00| seen| https://t.me/cibsecurity/38076...

6.1CVSS6AI score0.02561EPSS
Exploits0References1
NVD
NVD
added 2022/02/25 9:15 a.m.25 views

CVE-2021-45229

It was discovered that the "Trigger DAG with config" screen was susceptible to XSS attacks via the origin query argument. This issue affects Apache Airflow versions 2.2.3 and below...

6.1CVSS0.02561EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/02/25 9:15 a.m.4 views

acceldata-o2a (=1.0.0), acryl-datahub-airflow-plugin (>=0.9.5.1rc1 <=1.3.1.post1) +124 more potentially affected by CVE-2021-45229 via apache-airflow (>=1.8.2 <=2.2.3)

apache-airflow PYPI version =1.8.2, =0.9.5.1rc1, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =0.10.2, =0.11.0 - airflow-ditto =0.0.1.2 and more Source cves: CVE-2021-45229 Source advisory: OSV:PYSEC-2022-29...

6.1CVSS6.3AI score0.02561EPSS
Exploits0
Cvelist
Cvelist
added 2022/02/25 8:30 a.m.19 views

CVE-2021-45229 Apache Airflow: Reflected XSS via Origin Query Argument in URL

It was discovered that the "Trigger DAG with config" screen was susceptible to XSS attacks via the origin query argument. This issue affects Apache Airflow versions 2.2.3 and below...

6.1AI score0.02561EPSS
Exploits0References1
CVE
CVE
added 2022/02/25 8:30 a.m.128 views

CVE-2021-45229

The CVE-2021-45229 entry describes a reflected XSS in Apache Airflow: the Trigger DAG with config screen is vulnerable to XSS via the origin URL parameter, affecting Airflow 2.2.3 and earlier. The root cause is insufficient input handling for the origin parameter that can inject script into the b...

6.1CVSS6AI score0.02561EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder