Lucene search
K

7 matches found

Nuclei
Nuclei
added yesterday245 views

Apache Airflow - Unauthenticated Variable Import

Apache Airflow Airflow =2.0.0 and =2.0.0 and 2.1.3 does not protect the variable import endpoint which allows unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, potentially resulting in a denial of service, information disclosure or remote code execution...

9.8CVSS7.2AI score0.80938EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 p.m.10 views

CVE-2021-38540

The variable import endpoint was not protected by authentication in Airflow =2.0.0, =2.0.0, 2.1.3...

9.8CVSS8AI score0.80938EPSS
Exploits2References1
vulnersOsv
vulnersOsv
added 2022/05/24 7:14 p.m.7 views

acceldata-o2a (=1.0.0), acryl-datahub-airflow-plugin (>=0.9.5.1rc1 <=1.3.1.post1) +118 more potentially affected by CVE-2021-38540 via apache-airflow (>=2.0.0 <=2.1.2)

apache-airflow PYPI version =2.0.0, =0.9.5.1rc1, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =0.10.2, =0.11.0 - airflow-ditto =0.0.1.2 and more Source cves: CVE-2021-38540 Source advisory: OSV:GHSA-H88F-R7CW-8FV3...

9.8CVSS7.2AI score0.80938EPSS
Exploits2
Circl
Circl
added 2021/09/09 6:29 p.m.13 views

CVE-2021-38540

creationtimestamp| type| source ---|---|--- 2021-09-09 18:29:33+00:00| seen| https://t.me/cibsecurity/28591 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-38540.yaml...

9.8CVSS8.6AI score0.80938EPSS
Exploits2References2
NVD
NVD
added 2021/09/09 3:15 p.m.29 views

CVE-2021-38540

The variable import endpoint was not protected by authentication in Airflow =2.0.0, =2.0.0, 2.1.3...

9.8CVSS0.80938EPSS
Exploits2References2
Cvelist
Cvelist
added 2021/09/09 3:5 p.m.26 views

CVE-2021-38540 Apache Airflow: Variable Import endpoint missed authentication check

The variable import endpoint was not protected by authentication in Airflow =2.0.0, =2.0.0, 2.1.3...

10AI score0.80938EPSS
Exploits2References2
CVE
CVE
added 2021/09/09 3:5 p.m.128 views

CVE-2021-38540

Affected software: Apache Airflow 2.x, specifically &gt;=2.0.0 and

9.8CVSS9.8AI score0.80938EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder