Lucene search
+L

7 matches found

OSV
OSV
added 2026/02/26 8:39 a.m.4 views

BIT-AIRFLOW-2024-56373 Apache Airflow: SSTI to Code Execution in Airflow through Shared DB Information

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

8.4CVSS6.9AI score0.01134EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/25 10:16 a.m.7 views

CVE-2024-56373

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

8.4CVSS6.7AI score0.01134EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/02/24 12:31 p.m.12 views

Apache Airflow vulnerable to Code Injection in the web-server context via LogTemplate table

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

8.4CVSS6.7AI score0.01134EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/02/24 12:31 p.m.5 views

GHSA-R837-HPV7-PC2F Apache Airflow vulnerable to Code Injection in the web-server context via LogTemplate table

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

8.4CVSS6.6AI score0.01134EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/02/24 10:6 a.m.11 views

CVE-2024-56373

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

6.7AI score0.01134EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/24 10:6 a.m.9 views

EUVD-2024-55432

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

8.4CVSS6.7AI score0.01134EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/24 10:6 a.m.24 views

CVE-2024-56373 Apache Airflow: SSTI to Code Execution in Airflow through Shared DB Information

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

0.01134EPSS
Exploits0References2
Rows per page
Query Builder