2 matches found
abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +137 more potentially affected by CVE-2023-39441 via apache-airflow (>=1.8.2 <=2.6.3)
apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =1.10.6 - airflow-cyberark-secrets-backend =0.1.0 and more Source cves: CVE-2023-39441 Source advisory: OSV:GHSA-5F35-PQ34-C87Q...
CVE-2023-39441
Apache Airflow SMTP Provider before 1.3.0, Apache Airflow IMAP Provider before 3.3.0, and Apache Airflow before 2.7.0 are affected by a certificate validation weakness in the OpenSSL-based SSL context. The default SSL context did not verify server X.509 certificates, allowing an attacker in a MIT...