Lucene search
K

110 matches found

Chainguard
Chainguard
added 5 days ago5 views

GHSA-Q4H4-GMJ2-QVW2 vulnerabilities

Vulnerabilities for packages: falcoctl, coder, rootlesskit-fips, docker-fips, keda-fips, minio-fips, crossplane-provider-aws-scheduler, upwind-agent, trivy, spire-server, crossplane-provider-azure-managedidentity, crossplane-provider-aws-backup, crossplane-provider-aws-ec2-fips,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.7 views

CVE-2026-41178 vulnerabilities

Vulnerabilities for packages: cri-tools, falcoctl, kiali-fips, aws-fsx-csi-driver-fips, docker-fips, flux-image-reflector-controller-fips, kgateway, datadog-operator-fips, trivy, crossplane-provider-azure-managedidentity, opensearch-datasource-fips, terraform-provider-google-fips,...

5.3CVSS5.8AI score0.00237EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.6 views

GHSA-5WRP-CWCJ-Q835 vulnerabilities

Vulnerabilities for packages: cri-tools, falcoctl, kiali-fips, aws-fsx-csi-driver-fips, docker-fips, flux-image-reflector-controller-fips, kgateway, datadog-operator-fips, trivy, crossplane-provider-azure-managedidentity, opensearch-datasource-fips, terraform-provider-google-fips,...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.7 views

CVE-2026-25219

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

6.5CVSS5.5AI score0.00552EPSS
Exploits0References1
Chainguard
Chainguard
added 2026/05/06 7:17 p.m.13 views

CVE-2026-41889 vulnerabilities

Vulnerabilities for packages: step-ca, wal-g, gotrue, certificate-transparency-fips, keda-fips, argo-workflows-fips, spire-server, opentelemetry-collector-contrib-fips, steampipe, telegraf, ferretdb, openbao, spicedb-fips, teleport, trillian, caddy, kube-bench, sftpgo-plugin-eventstore,...

9.8CVSS5.8AI score0.00356EPSS
Exploits0
OSV
OSV
added 2026/04/18 8:37 a.m.7 views

BIT-AIRFLOW-2026-25219 Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

6.5CVSS5.8AI score0.00552EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/15 3:31 p.m.5 views

EUVD-2026-22921

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

6.5CVSS5.8AI score0.00552EPSS
Exploits0References4
OSV
OSV
added 2026/04/15 3:31 p.m.4 views

GHSA-4G48-54Q2-FG7Q Apache Airlfow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidently logged to logs, those values could be seen in the logs. Azure...

6.5CVSS5.8AI score0.00552EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/15 3:31 p.m.5 views

Apache Airlfow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidently logged to logs, those values could be seen in the logs. Azure...

6.5CVSS5.8AI score0.00552EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/04/15 1:16 p.m.6 views

CVE-2026-25219

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

6.5CVSS0.00552EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/15 12:30 p.m.33 views

CVE-2026-25219 Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

0.00552EPSS
Exploits0References3
CVE
CVE
added 2026/04/15 12:30 p.m.27 views

CVE-2026-25219

CVE-2026-25219 affects Apache Airflow. The vulnerability arises because the access_key and connection_string fields were not marked as sensitive in secrets masker, enabling users with read access to view these values in the UI and potentially in logs. The documented remediation is to upgrade Airf...

6.5CVSS5.8AI score0.00552EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/15 12:30 p.m.4 views

CVE-2026-25219

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

5.8AI score0.00552EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/15 12:30 p.m.3 views

CVE-2026-25219 Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

5.8AI score0.00552EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.5 views

PT-2026-33058

Name of the Vulnerable Software and Affected Versions Airflow versions prior to 3.1.8 Description The secrets masker failed to mark the access key and connection string connection properties as sensitive. This allows users with read permissions to view these values in the Connection UI...

6.5CVSS5.8AI score0.00552EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-40746

Malicious code in bioql PyPI...

6.6CVSS6.4AI score0.01074EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-25699

Malicious code in bioql PyPI...

7CVSS7.1AI score0.00708EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-0201

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00208EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-32007

Malicious code in bioql PyPI...

7.5CVSS8.1AI score0.00979EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-40788

Malicious code in bioql PyPI...

6.5CVSS7.2AI score0.00652EPSS
Exploits0References1
Rows per page
Query Builder