EUVD-2024-0760

Malicious code in bioql PyPI...

BIT-AIRFLOW-2024-25141

When ssl was enabled for Mongo Hook, default settings included "allowinsecure" which caused that certificates were not validated. This was unexpected and undocumented. Users are recommended to upgrade to version 4.0.0, which fixes this issue...

CVE-2024-25141

When ssl was enabled for Mongo Hook, default settings included "allowinsecure" which caused that certificates were not validated. This was unexpected and undocumented. Users are recommended to upgrade to version 4.0.0, which fixes this issue...

Apache Airflow Trust Management Issues Vulnerability (CNVD-2024-13571)

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. Apache Airflow suffers from a trust management issue vulnerability that stems from...

GHSA-X5PM-H33Q-CJRW Improper Certificate Validation in apache airflow mongo hook

When ssl was enabled for Mongo Hook, default settings included "allowinsecure" which caused that certificates were not validated. This was unexpected and undocumented. Users are recommended to upgrade to version 4.0.0, which fixes this issue...

Improper Certificate Validation in apache airflow mongo hook

When ssl was enabled for Mongo Hook, default settings included "allowinsecure" which caused that certificates were not validated. This was unexpected and undocumented. Users are recommended to upgrade to version 4.0.0, which fixes this issue...

CVE-2024-25141

When ssl was enabled for Mongo Hook, default settings included "allowinsecure" which caused that certificates were not validated. This was unexpected and undocumented. Users are recommended to upgrade to version 4.0.0, which fixes this issue...

CVE-2024-25141

When ssl was enabled for Mongo Hook, default settings included "allowinsecure" which caused that certificates were not validated. This was unexpected and undocumented. Users are recommended to upgrade to version 4.0.0, which fixes this issue...

Design/Logic Flaw

When ssl was enabled for Mongo Hook, default settings included "allowinsecure" which caused that certificates were not validated. This was unexpected and undocumented. Users are recommended to upgrade to version 4.0.0, which fixes this issue...

Apache Airflow 信任管理问题漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. Apache Airflow suffers from a trust management issue vulnerability that stems from...

PT-2024-20775 · Apache · Apache-Airflow-Providers-Mongo

Name of the Vulnerable Software and Affected Versions: apache-airflow-providers-mongo versions prior to 4.0.0 Description: The issue arises when SSL is enabled for the Mongo Hook, and the default settings include allow insecure, which causes certificates not to be validated. This behavior is...