Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:52 a.m.3 views

CVE-2023-22887

Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to perform unauthorized file access outside the intended directory structure by manipulating the runid parameter. This vulnerability is considered low since it requires an authenticated user to exploit i...

6.5CVSS6.6AI score0.01787EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/07/12 12:31 p.m.6 views

abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +136 more potentially affected by CVE-2023-22887 via apache-airflow (>=1.8.2 <=2.5.3)

apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =1.10.6 - airflow-cyberark-secrets-backend =0.1.0 and more Source cves: CVE-2023-22887 Source advisory: OSV:GHSA-GGWR-4VR8-G7WV...

6.5CVSS6.5AI score0.01787EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/07/12 10:15 a.m.5 views

abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +136 more potentially affected by CVE-2023-22887 via apache-airflow (>=1.8.2 <=2.5.3)

apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =1.10.6 - airflow-cyberark-secrets-backend =0.1.0 and more Source cves: CVE-2023-22887 Source advisory: OSV:PYSEC-2023-104...

6.5CVSS6.5AI score0.01787EPSS
Exploits0
OSV
OSV
added 2023/07/12 9:14 a.m.25 views

CVE-2023-22887 Apache Airflow path traversal by authenticated user

Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to perform unauthorized file access outside the intended directory structure by manipulating the runid parameter. This vulnerability is considered low since it requires an authenticated user to exploit i...

6.5CVSS6.5AI score0.01787EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/07/12 9:14 a.m.57 views

CVE-2023-22887 Apache Airflow path traversal by authenticated user

Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to perform unauthorized file access outside the intended directory structure by manipulating the runid parameter. This vulnerability is considered low since it requires an authenticated user to exploit i...

6.4AI score0.01787EPSS
Exploits0References2
CVE
CVE
added 2023/07/12 9:14 a.m.95 views

CVE-2023-22887

CVE-2023-22887 affects Apache Airflow versions before 2.6.3. The issue enables an authenticated attacker to perform unauthorized file access outside the intended directory by manipulating the run_id parameter (path traversal). The vulnerability is described as low impact since exploitation requir...

6.5CVSS6.1AI score0.01787EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/17 6:58 p.m.27 views

Security Bulletin: IBM InfoSphere Information Server is potentially vulnerable to CSV Injection (CVE-2023-22887)

Summary A CSV Injection vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-22887 DESCRIPTION: IBM InfoSphere Information Server is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused ...

6.5CVSS6.7AI score0.01787EPSS
Exploits0Affected Software1
Rows per page
Query Builder