Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2023/07/12 12:31 p.m.4 views

abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +136 more potentially affected by CVE-2023-35908 via apache-airflow (>=1.8.2 <=2.5.3)

apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =1.10.6 - airflow-cyberark-secrets-backend =0.1.0 and more Source cves: CVE-2023-35908 Source advisory: OSV:GHSA-2H84-3CRQ-VGFJ...

6.5CVSS6.5AI score0.01076EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/07/12 10:15 a.m.6 views

abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +136 more potentially affected by CVE-2023-35908 via apache-airflow (>=1.8.2 <=2.5.3)

apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =1.10.6 - airflow-cyberark-secrets-backend =0.1.0 and more Source cves: CVE-2023-35908 Source advisory: OSV:PYSEC-2023-119...

6.5CVSS6.5AI score0.01076EPSS
Exploits0
CVE
CVE
added 2023/07/12 9:14 a.m.78 views

CVE-2023-35908

CVE-2023-35908 affects Apache Airflow, versions before 2.6.3. The vulnerability allows unauthorized read access to a DAG through the URL (i.e., an access control issue). The documented remediation is to upgrade to a version that is not affected (2.6.3 or later). Other details on exploitation tech...

6.5CVSS6.1AI score0.01076EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/07/12 9:14 a.m.12 views

CVE-2023-35908 Apache Airflow: Access to DAGs without relevant permission

Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows unauthorized read access to a DAG through the URL. It is recommended to upgrade to a version that is not affected...

6.5CVSS5.9AI score0.01076EPSS
Exploits0References4
Rows per page
Query Builder