11 matches found
EUVD-2023-2432
Malicious code in bioql PyPI...
Fedora 40 : golang-cloud-google / golang-cloud-google-bigquery / etc (2023-f23d9c5057)
The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-f23d9c5057 advisory. Split golang-cloud-google into multiple modules Tenable has extracted the preceding description block directly from the Fedora security advisory. No...
Arbitrary Code Execution
Apache airflow hdfs provider package is found to be vulnerable to code execution. Incorrect documentation points users to install an incorrect pip package. Since this package is unverified, an attacker can claim this package and provide code that would be executed when this package was installed...
GHSA-5HJ9-M76G-XRC8 Apache HDFS Provider error message suggested
In the Apache Airflow HDFS Provider, versions prior to 4.1.1, a documentation info pointed users to an install incorrect pip package. As this package name was unclaimed, in theory, an attacker could claim this package and provide code that would be executed when this package was installed. The...
Apache HDFS Provider error message suggested
In the Apache Airflow HDFS Provider, versions prior to 4.1.1, a documentation info pointed users to an install incorrect pip package. As this package name was unclaimed, in theory, an attacker could claim this package and provide code that would be executed when this package was installed. The...
CVE-2023-41267
In the Apache Airflow HDFS Provider, versions prior to 4.1.1, a documentation info pointed users to an install incorrect pip package. As this package name was unclaimed, in theory, an attacker could claim this package and provide code that would be executed when this package was installed. The...
CVE-2023-41267
In the Apache Airflow HDFS Provider, versions prior to 4.1.1, a documentation info pointed users to an install incorrect pip package. As this package name was unclaimed, in theory, an attacker could claim this package and provide code that would be executed when this package was installed. The...
Code injection
In the Apache Airflow HDFS Provider, versions prior to 4.1.1, a documentation info pointed users to an install incorrect pip package. As this package name was unclaimed, in theory, an attacker could claim this package and provide code that would be executed when this package was installed. The...
CVE-2023-41267 Apache HDFS Provider error message suggested installation of incorrect pip package
In the Apache Airflow HDFS Provider, versions prior to 4.1.1, a documentation info pointed users to an install incorrect pip package. As this package name was unclaimed, in theory, an attacker could claim this package and provide code that would be executed when this package was installed. The...
CVE-2023-41267
The CVE-2023-41267 issue affects the Apache Airflow HDFS Provider prior to version 4.1.1. The root cause is a documentation misdirection that pointed users to install an incorrect, unclaimed pip package. This created a theoretical attack surface where an attacker could claim the package and execu...
CVE-2023-41267 Apache HDFS Provider error message suggested installation of incorrect pip package
In the Apache Airflow HDFS Provider, versions prior to 4.1.1, a documentation info pointed users to an install incorrect pip package. As this package name was unclaimed, in theory, an attacker could claim this package and provide code that would be executed when this package was installed. The...