Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0027

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.01497EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.31 views

Fedora 40 : golang-cloud-google / golang-cloud-google-bigquery / etc (2023-f23d9c5057)

The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-f23d9c5057 advisory. Split golang-cloud-google into multiple modules Tenable has extracted the preceding description block directly from the Fedora security advisory. No...

7.8CVSS5.7AI score0.01497EPSS
Exploits0References5
OSV
OSV
added 2024/03/06 10:51 a.m.27 views

BIT-AIRFLOW-2023-47037 Apache Airflow missing fix for CVE-2023-40611 in 2.7.1 (DAG run broken access)

We failed to apply CVE-2023-40611 in 2.7.1 and this vulnerability was marked as fixed then. Apache Airflow, versions before 2.7.3, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have the...

4.3CVSS4.5AI score0.01497EPSS
Exploits0References4
NVD
NVD
added 2023/11/12 2:15 p.m.21 views

CVE-2023-47037

We failed to apply CVE-2023-40611 in 2.7.1 and this vulnerability was marked as fixed then. Apache Airflow, versions before 2.7.3, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have the...

4.3CVSS0.01497EPSS
Exploits0References3
Prion
Prion
added 2023/11/12 2:15 p.m.26 views

Design/Logic Flaw

We failed to apply CVE-2023-40611 in 2.7.1 and this vulnerability was marked as fixed then. Apache Airflow, versions before 2.7.3, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have the...

4CVSS4.3AI score0.01497EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/09/12 11:5 a.m.154 views

CVE-2023-40611

Apache Airflow vulnerable before 2.7.1: authenticated DAG-view users can modify DAG run detail values when submitting notes (e.g., configuration, start date). Root cause relates to broken access control around DAG runs. A fix exists in 2.7.1 and later; upgrade to 2.7.1+ to remove the vulnerabilit...

4.3CVSS4.7AI score0.01305EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder