2 matches found
PYSEC-2020-14
An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending o...
PT-2019-13094 · Toaruos · Toaruos
Name of the Vulnerable Software and Affected Versions: ToaruOS versions prior to 1.10.10 Description: The issue is related to incorrect access control in the sys sysfunc case 9 for TOARU SYS FUNC SETHEAP, allowing arbitrary kernel pages to be mapped into user land. This can lead to root access...