Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:55 a.m.4 views

CVE-2024-28423

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

9.8CVSS8.2AI score0.00773EPSS
Exploits0References1
OSV
OSV
added 2024/03/14 7:15 p.m.4 views

CVE-2024-28423

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

9.8CVSS6.1AI score0.00773EPSS
Exploits0References1
NVD
NVD
added 2024/03/14 7:15 p.m.7 views

CVE-2024-28423

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

9.8CVSS7.8AI score0.00773EPSS
Exploits0References1
PyPA
PyPA
added 2024/03/14 7:15 p.m.10 views

PYSEC-2024-270

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

9.8CVSS6.2AI score0.00773EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/03/14 7:15 p.m.10 views

PYSEC-2024-270

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

9.8CVSS6.2AI score0.00773EPSS
Exploits0References2
PyPA
PyPA
added 2024/03/14 7:15 p.m.11 views

PYSEC-2024-263

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

9.8CVSS6.2AI score0.00773EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2024/03/14 7:15 p.m.4 views

PYSEC-2024-314

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

9.8CVSS6.2AI score0.00773EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/03/14 7:15 p.m.11 views

PYSEC-2024-263

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

9.8CVSS6.2AI score0.00773EPSS
Exploits0References2
OSV
OSV
added 2024/03/14 7:15 p.m.3 views

PYSEC-2024-314

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

9.8CVSS6.2AI score0.00773EPSS
Exploits0References2
CVE
CVE
added 2024/03/14 12:0 a.m.56 views

CVE-2024-28423

Airflow-Diagrams v2.1.0 is affected by an arbitrary file upload vulnerability in the unsafe_load function (cli.py). The root cause is unsafe YAML loading, allowing an attacker to execute arbitrary code by uploading a crafted YAML file. Documents confirm the affected component and vulnerability pa...

9.8CVSS8.1AI score0.00773EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/14 12:0 a.m.5 views

PT-2024-22426 · Unknown · Airflow-Diagrams

Name of the Vulnerable Software and Affected Versions: Airflow-Diagrams version 2.1.0 Description: The issue is related to an arbitrary file upload vulnerability in the unsafe load function at cli.py. This allows attackers to execute arbitrary code via uploading a crafted YML file. Recommendation...

9.8CVSS8.2AI score0.00773EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/03/14 12:0 a.m.13 views

CVE-2024-28423

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

8AI score0.00773EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/14 12:0 a.m.7 views

CVE-2024-28423

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

8.1AI score0.00773EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/14 12:0 a.m.4 views

Airflow-Diagrams Security Vulnerability

airflow-diagrams is a diagramming tool from the individual developer Felix Uellendall. A security vulnerability exists in Airflow-Diagrams version v2.1.0, which stems from the unsafeload function in cli.py containing an arbitrary file upload vulnerability that allows an attacker to execute...

9.8CVSS7.7AI score0.00773EPSS
Exploits0References3
Rows per page
Query Builder