Lucene search
K

71 matches found

OSV
OSV
added 2024/11/15 9:15 a.m.8 views

PYSEC-2024-182

Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentionally log sensitive configuration variables. Unauthorized users could access these logs, potentially...

7.5CVSS7AI score0.01295EPSS
Exploits0References3
CVE
CVE
added 2024/11/15 8:20 a.m.68 views

CVE-2024-45784

Summary (CVE-2024-45784): Apache Airflow versions before 2.10.3 may log sensitive configuration variables in task logs, risking exposure to unauthorized users. The underlying issue is that secrets were not masked in logging output. Version 2.10.3 and later mask secrets in task logs, mitigating th...

7.5CVSS7.5AI score0.01295EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/11/15 8:20 a.m.31 views

CVE-2024-45784 Apache Airflow: Sensitive configuration values are not masked in the logs by default

Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentionally log sensitive configuration variables. Unauthorized users could access these logs, potentially...

0.01295EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/15 8:20 a.m.14 views

CVE-2024-45784 Apache Airflow: Sensitive configuration values are not masked in the logs by default

Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentionally log sensitive configuration variables. Unauthorized users could access these logs, potentially...

7.6AI score0.01295EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/15 12:0 a.m.6 views

Apache Airflow 安全漏洞

Apache Airflow is an open source platform for creating, managing and monitoring workflows from the Apache USA Foundation. The platform is characterized by scalability and dynamic monitoring. A security vulnerability exists in Apache Airflow versions prior to 2.10.3 that stems from the possibility...

7.5CVSS6.4AI score0.01295EPSS
Exploits0References2
OSV
OSV
added 2024/07/25 6:15 a.m.4 views

CVE-2024-6972

In affected versions of Octopus Server under certain circumstances it is possible for sensitive variables to be printed in the task log in clear-text...

6.5CVSS5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2024/07/25 12:0 a.m.5 views

Octopus Server 安全漏洞

Octopus Server is a deployment automation and release management tool for continuous delivery from Octopus Australia. A security vulnerability exists in Octopus Server that stems from the fact that under certain circumstances, sensitive variables may be printed in plaintext in the task log...

6.5CVSS6.7AI score0.00228EPSS
Exploits0References2
OSV
OSV
added 2024/05/14 4:17 p.m.10 views

PYSEC-2024-264

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue...

5.4CVSS6AI score0.01559EPSS
Exploits0References4
PyPA
PyPA
added 2024/05/14 4:17 p.m.8 views

PYSEC-2024-264

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs.Users are recommended to upgrade to version 2.9.1, which fixes this issue...

5.4CVSS6AI score0.01559EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2020/10/12 5:15 p.m.5 views

CVE-2020-25825

In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive information to the user in the task logs...

7.5CVSS7.1AI score
Exploits0References4
Cvelist
Cvelist
added 2020/10/12 4:9 p.m.21 views

CVE-2020-25825

In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive information to the user in the task logs...

7.4AI score0.01521EPSS
Exploits0References4
Rows per page
Query Builder