Lucene search
K

23 matches found

Chainguard
Chainguard
added 3 days ago7 views

GHSA-2HCP-GJRF-7FHC vulnerabilities

Vulnerabilities for packages: airbyte-server-fips, airbyte-server...

5.8AI score
Exploits0
Chainguard
Chainguard
added 3 days ago6 views

CVE-2026-33012 vulnerabilities

Vulnerabilities for packages: airbyte-server-fips, airbyte-server...

7.5CVSS5.8AI score0.00561EPSS
Exploits0
Chainguard
Chainguard
added 3 days ago5 views

GHSA-43W5-MMXV-CPVH vulnerabilities

Vulnerabilities for packages: airbyte-server-fips, airbyte-server...

5.8AI score
Exploits0
Chainguard
Chainguard
added 3 days ago6 views

CVE-2026-33013 vulnerabilities

Vulnerabilities for packages: airbyte-server-fips, airbyte-server...

8.2CVSS7.2AI score0.00595EPSS
Exploits1
Snyk
Snyk
added 2026/03/06 7:14 a.m.6 views

Malicious Package

Overview linear-airbyte-source is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-37279

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.00669EPSS
Exploits0References1
Snyk
Snyk
added 2025/10/02 2:32 p.m.2 views

Malicious Package

Overview airbyte-webapp is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/28 2:57 p.m.4 views

Malicious code in airbyte-webapp (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7cb9621dfdc8c213cde4d731ad33b75a36cc9298649d12d5ed1669fb3d401f1c Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/09/28 2:57 p.m.3 views

MAL-2025-47843 Malicious code in airbyte-webapp (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7cb9621dfdc8c213cde4d731ad33b75a36cc9298649d12d5ed1669fb3d401f1c Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/07/22 6:30 p.m.3 views

broad-dagster-utils (=2.0.0a7), dagit (>=0.5.1 <=1.10.15) +71 more potentially affected by CVE-2025-51481 via dagster (>=0.1.1 <=1.10.15)

dagster PYPI version =0.1.1, =0.5.1, =0.16.0, =0.5.4, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =1.0.0, =1.10.0, =1.0.0, =0.16.0, =0.26.15 and more Source cves: CVE-2025-51481 Source advisory: OSV:GHSA-H7X8-JV97-FVVM...

6.6CVSS5.4AI score0.00524EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/07/22 5:43 p.m.7 views

broad-dagster-utils (=2.0.0a7), dagit (>=1.0.0 <=1.10.15) +67 more potentially affected by CVE-2025-51481 via dagster (>=1.0.0 <=1.10.15)

dagster PYPI version =1.0.0, =1.0.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =1.0.0, =1.10.0, =1.0.0, =0.16.0, =0.16.0, =0.26.15 and more Source cves: CVE-2025-51481 Source advisory: SNYK:PYTHON-DAGSTER-10877952...

6.6CVSS5.8AI score0.00524EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 10:1 a.m.3 views

CVE-2024-38363

Airbyte is a data integration platform for ELT pipelines. Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create and test new...

8.5CVSS7.7AI score0.00669EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/12/09 9:31 p.m.3 views

01os (>=0.0.5 <=0.0.13), airbyte-source-azure-blob-storage (>=0.3.3 <=0.6.12) +56 more potentially affected by CVE-2024-46455 via unstructured (>=0.10.10 <=0.14.2)

unstructured PYPI version =0.10.10, =0.0.5, =0.3.3, =0.3.6, =0.0.8, =0.1.5, =0.2.0, =4.5.1, =1.0.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.1.0 and more Source cves: CVE-2024-46455 Source advisory: SNYK:PYTHON-UNSTRUCTURED-8492724...

9.8CVSS6.5AI score0.00535EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/21 12:54 p.m.4 views

Malicious code in linear-airbyte-source (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f2f93219b987eadd13a3db8af0914e4ccc9ea3d3fbf6f571e156e5e5861d25c6 The OpenSSF Package Analysis project identified 'linear-airbyte-source' @ 9.9.10 npm as malicious. It is considered malicious because: - The...

6.9AI score
Exploits0
OSV
OSV
added 2024/09/21 12:54 p.m.4 views

MAL-2024-8931 Malicious code in linear-airbyte-source (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f2f93219b987eadd13a3db8af0914e4ccc9ea3d3fbf6f571e156e5e5861d25c6 The OpenSSF Package Analysis project identified 'linear-airbyte-source' @ 9.9.10 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
Veracode
Veracode
added 2024/07/10 6:54 a.m.5 views

Server-Side Template Injection

airbyte is vulnerable to Server-Side Template Injection. The vulnerability is due to improper handling of user input in the connection builder, allowing attackers to execute arbitrary code on the server...

8.5CVSS7.7AI score0.00669EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/07/09 3:15 p.m.9 views

CVE-2024-38363

Airbyte is a data integration platform for ELT pipelines. Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create and test new...

8.5CVSS0.00669EPSS
Exploits0References1
OSV
OSV
added 2024/07/09 2:10 p.m.3 views

CVE-2024-38363 Remote Code Execution (RCE) via Server Side Template Injection (SSTI) in Airbyte

Airbyte is a data integration platform for ELT pipelines. Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create and test new...

8.5CVSS7.8AI score0.00669EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/09 2:10 p.m.16 views

CVE-2024-38363 Remote Code Execution (RCE) via Server Side Template Injection (SSTI) in Airbyte

Airbyte is a data integration platform for ELT pipelines. Airbyte connection builder docker image is vulnerable to RCE via SSTI which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create and test new...

8.5CVSS0.00669EPSS
Exploits0References1
CVE
CVE
added 2024/07/09 2:10 p.m.48 views

CVE-2024-38363

Airbyte’s CVE-2024-38363 affects the Airbyte connection builder docker image, where server-side template injection (SSTI) enables authenticated remote code execution as the web server user. The connection builder is used to create/test new connectors, and exploitation could lead to exposure of se...

8.5CVSS8.6AI score0.00669EPSS
Exploits0References1
Rows per page
Query Builder