Lucene search
+L

4 matches found

github
github
added 2023/08/23 6:30 p.m.25 views

Apache Airflow Session Fixation vulnerability

The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database for database session backen...

8CVSS6.8AI score0.01366EPSS
Exploits0References8Affected Software1
osv
osv
added 2023/08/23 3:37 p.m.20 views

CVE-2023-40273 Session fixation in Apache Airflow web interface

The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database for database session backen...

8CVSS7AI score0.01366EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2023/08/23 12:0 a.m.5 views

PT-2023-4782 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.7.0 Description: The issue is related to a session fixation vulnerability in the Airflow web interface, allowing an authenticated user to continue accessing the webserver even after their password has been...

9CVSS6.8AI score0.01366EPSS
Exploits0References19
susecve
susecve
added 2023/02/15 3:57 a.m.5 views

SUSE CVE-2020-15105

Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session base64-encoded. The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor...

5.4CVSS6AI score0.00579EPSS
Exploits0References3
Rows per page
Query Builder