7 matches found
Malicious code in celery-flower (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6475 Malicious code in celery-flower (PyPI)
--- -= Per source details. Do not edit below this line.=-...
EXNESS: Unrestricted Access to Celery Flower Instance
The publicly accessible Celery Flower instance allowed unrestricted access, exposing sensitive information, and the ability to manipulate tasks...
Command injection
flower.initd in the Gentoo dev-python/flower package before 0.9.1-r1 for Celery Flower sets PID file ownership to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a...
CVE-2017-14483
flower.initd in the Gentoo dev-python/flower package before 0.9.1-r1 for Celery Flower sets PID file ownership to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a...
CVE-2017-14483
flower.initd in the Gentoo dev-python/flower package before 0.9.1-r1 for Celery Flower sets PID file ownership to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a...
CVE-2017-14483
Removed by vendor...