Lucene search
K

14 matches found

OSV
OSV
added 5 days ago5 views

PYSEC-2026-267 OS Command Injection in Apache Airflow

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airfl...

9.8CVSS7.4AI score0.03228EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-7272

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.03228EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 1:17 a.m.7 views

CVE-2022-38649

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airfl...

9.8CVSS7.2AI score0.03228EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 10:57 a.m.22 views

BIT-AIRFLOW-2022-38649 Apache Airflow Pinot provider allowed Command Injection

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airfl...

9.8CVSS9.7AI score0.03228EPSS
Exploits0References3
OSV
OSV
added 2022/11/22 12:30 p.m.25 views

GHSA-7WQF-H36W-47MC OS Command Injection in Apache Airflow

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airfl...

9.8CVSS9.7AI score0.03228EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/11/22 12:30 p.m.37 views

OS Command Injection in Apache Airflow

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airfl...

9.8CVSS9.1AI score0.03228EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/11/22 10:15 a.m.23 views

CVE-2022-38649

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airfl...

9.8CVSS9.7AI score
Exploits0References2
NVD
NVD
added 2022/11/22 10:15 a.m.18 views

CVE-2022-38649

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airfl...

9.8CVSS0.03228EPSS
Exploits0References2
Prion
Prion
added 2022/11/22 10:15 a.m.26 views

Command injection

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airfl...

7.5CVSS9.7AI score0.03228EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2022/11/22 12:0 a.m.106 views

CVE-2022-38649

CVE-2022-38649 describes an OS command injection vulnerability in the Apache Airflow Pinot Provider. The issue arises from improper neutralization of special elements when constructing OS commands, enabling an attacker to control commands executed in the task execution context without requiring D...

9.8CVSS9.7AI score0.03228EPSS
Exploits0References2Affected Software2
CNNVD
CNNVD
added 2022/11/22 12:0 a.m.9 views

Apache Airflow 操作系统命令注入漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is characterized by scalability and dynamic monitoring. An operating system command injection vulnerability exists in Apache Airflow Pinot Provid...

9.8CVSS8.3AI score0.03228EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/11/22 12:0 a.m.5 views

CVE-2022-38649 Apache Airflow Pinot provider allowed Command Injection

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airfl...

9.8AI score0.03228EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/22 12:0 a.m.15 views

PT-2022-24498

Name of the Vulnerable Software and Affected Versions Apache Airflow Pinot Provider versions prior to 4.0.0 Apache Airflow versions prior to 2.3.0 Description The issue is related to an Improper Neutralization of Special Elements used in an OS Command, also known as 'OS Command Injection'. This...

9.8CVSS7.5AI score0.03228EPSS
Exploits0References13
Cvelist
Cvelist
added 2022/11/22 12:0 a.m.41 views

CVE-2022-38649 Apache Airflow Pinot provider allowed Command Injection

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airfl...

9.9AI score0.03228EPSS
Exploits0References2
Rows per page
Query Builder