545 matches found
Apache Airflow 1.10.10 - (Example Dag) Remote Code Execution Exploit
Exploit Title: Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution Exploit Author: Pepe Berba Vendor Homepage: https://airflow.apache.org/ Software Link: https://airflow.apache.org/docs/apache-airflow/stable/installation.html Version: = 1.10.10 Tested on: Docker apache/airflow:1.10 .10...
Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution
Exploit Title: Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution Date: 2021-06-02 Exploit Author: Pepe Berba Vendor Homepage: https://airflow.apache.org/ Software Link: https://airflow.apache.org/docs/apache-airflow/stable/installation.html Version: = 1.10.10 Tested on: Docker...
Path Traversal
github.com/ipfs/go-ipfs is vulnerable to path traversal. The use of whyrusleeping/tar-utils which fails to validate tarPath when a get is done on an malicious DAG file allows overwritting of files or writing to incorrect destination folders during retrieval...
Path traversal
go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0-rc1, it is possible for path traversal to occur with DAGs containing relative paths during retrieval. This can cause files to be overwritten, or written t...
PT-2021-11230 · Go-Ipfs · Go-Ipfs
Name of the Vulnerable Software and Affected Versions: go-ipfs versions prior to 0.8.0-rc1 Description: The issue is related to path traversal in go-ipfs, which can occur with DAGs containing relative paths during retrieval. This can cause files to be overwritten or written to incorrect output...
CVE-2021-26697
The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as the attacker needs to be aware of certain parameters to pass to that endpoint and even after can jus...
PYSEC-2021-3
The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as the attacker needs to be aware of certain parameters to pass to that endpoint and even after can jus...
PYSEC-2021-3
The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as the attacker needs to be aware of certain parameters to pass to that endpoint and even after can jus...
PT-2021-17095 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow version 2.0.0 Description: The issue concerns the lineage endpoint of the deprecated Experimental API in Apache Airflow, which was not protected by authentication. This allowed unauthenticated users to access the endpoint. The...
CVE-2020-27720
On BIG-IP LTM/CGNAT version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when processing NAT66 traffic with Port Block Allocation PBA mode and SP-DAG enabled, and dag-ipv6-prefix-len configured with a value less than the default of 128, an undisclosed traffic pattern may...
Design/Logic Flaw
On BIG-IP LTM/CGNAT version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when processing NAT66 traffic with Port Block Allocation PBA mode and SP-DAG enabled, and dag-ipv6-prefix-len configured with a value less than the default of 128, an undisclosed traffic pattern may...
CVE-2020-27720
CVE-2020-27720 affects F5 BIG-IP LTM/CGNAT where processing NAT66 traffic with Port Block Allocation (PBA) mode and SP-DAG enabled, with dag-ipv6-prefix-len under 128, may trigger a restart of the Traffic Management Microkernel (TMM). Affected versions include 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14...
CVE-2020-27720
On BIG-IP LTM/CGNAT version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when processing NAT66 traffic with Port Block Allocation PBA mode and SP-DAG enabled, and dag-ipv6-prefix-len configured with a value less than the default of 128, an undisclosed traffic pattern may...
CVE-2020-26240
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. An ethash mining DAG generation flaw in Geth before version 1.9.24 could cause miners to erroneously calculate PoW in an upcoming epoch estimated early January, 2021. This happened on the ETC chain on...
CVE-2020-26240
CVE-2020-26240 affects Go Ethereum (Geth). The issue is an ethash mining DAG generation flaw that could cause miners to compute PoW incorrectly in an upcoming epoch; non-mining nodes are unaffected. Affected software: Geth prior to version 1.9.24. Root cause: DAG generation flaw in ethash logic. ...
Ethereum Go-ethereum Security Breach
Ethereum Go-ethereum is a codebase from the Ethereum community that implements the ethereum protocol in the Go language. Ethereum Go-ethereum version prior to 1.9.24 is vulnerable to a security flaw that stems from the mining of a DAG generation vulnerability could cause miners to incorrectly...
cid (>=0.3.2 <=0.4.0), dag-cbor (=0.1.0) +41 more potentially affected by CVE-2020-35909 via multihash (=0.10.1)
multihash CARGO version =0.10.1 is affected by a known vulnerability. The following packages have a transitive dependency on multihash and may be impacted: - cid =0.3.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.5.1, =0.0.1, =0.0.2 - libipld =0.1.0 - libipld-base =0.1.0 - libipld-core...
PYSEC-2020-14
An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending o...
DAG Client Leakage
tez-api is vulnerable to DAG client Leakage. The vulnerability exists because when terminating the connection to the YARN cluster, it does not shutdown Prewarm DAG client, leading to the leakage of DAG client...
CPP-Ethereum JSON-RPC admin_peers improper authorization Vulnerability
Summary An exploitable improper authorization vulnerability exists in adminpeers API of cpp-ethereum’s JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigg...