4 matches found
CVE-2021-28359
The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions 1.10.15 in 1.x series and affects 2.0.0 and 2.0.1 and 2.x series. This is the same as CVE-2020-13944 & CVE-2020-17515 but the implemented fix did not fi...
CVE-2021-28359
The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions 1.10.15 in 1.x series and affects 2.0.0 and 2.0.1 and 2.x series. This is the same as CVE-2020-13944 & CVE-2020-17515 but the implemented fix did not fi...
aglow (>=0.1.0rc3 <=0.1.0rc4), ai-flow (>=0.1.0 <=0.3.1) +3 more potentially affected by CVE-2021-28359 via apache-airflow (>=2.0.0 <=2.0.0rc3)
apache-airflow PYPI version =2.0.0, =0.1.0rc3, =0.1.0, =0.3.1 - dataverk-airflow =0.3.12 - gps-building-blocks =1.2.2 - neuro-airflow-plugin =0.0.1 Source cves: CVE-2021-28359 Source advisory: OSV:PYSEC-2021-4...
CVE-2021-28359
Technical details for CVE-2021-28359 are not present in the provided documents. Public sources in Connected Documents do not specify affected products/versions or fixes. Monitor for updates.