5 matches found
CVE-2023-40273
creationtimestamp| type| source ---|---|--- 2023-08-23 20:12:49+00:00| seen| https://t.me/cibsecurity/69072 2023-09-04 16:03:01+00:00| seen| https://t.me/ctinow/134615 2025-01-08 08:49:08+00:00| seen| https://infosec.exchange/users/cve/statuses/113791870409998283 2025-01-08 09:12:24+00:00| seen|...
abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +137 more potentially affected by CVE-2023-40273 via apache-airflow (>=1.8.2 <=2.6.3)
apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =1.10.6 - airflow-cyberark-secrets-backend =0.1.0 and more Source cves: CVE-2023-40273 Source advisory: OSV:GHSA-PM87-24WQ-R8W9...
CVE-2023-40273 Session fixation in Apache Airflow web interface
The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database for database session backen...
CVE-2023-40273 Session fixation in Apache Airflow web interface
The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database for database session backen...
CVE-2023-40273 Session fixation in Apache Airflow web interface
The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database for database session backen...