EUVD-2019-0016

Malware in sbrugna...

CVE-2023-40273

The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database for database session backen...

Session fixation

The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database for database session backen...

Apache Airflow Cross-Site Scripting Vulnerability (CNVD-2019-13853)

Apache Airflow is the United States Apache Apache Software Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A cross-site scripting vulnerability exists in the airflow webserver servi...

CVE-2019-0229

A number of HTTP endpoints in the Airflow webserver both RBAC and classic did not have adequate protection and were vulnerable to cross-site request forgery attacks...

Cross site request forgery (csrf)

A number of HTTP endpoints in the Airflow webserver both RBAC and classic did not have adequate protection and were vulnerable to cross-site request forgery attacks...

PYSEC-2019-215

A number of HTTP endpoints in the Airflow webserver both RBAC and classic did not have adequate protection and were vulnerable to cross-site request forgery attacks...

CVE-2019-0229

A number of HTTP endpoints in the Airflow webserver both RBAC and classic did not have adequate protection and were vulnerable to cross-site request forgery attacks...