8 matches found
EUVD-2023-0014
Malicious code in bioql PyPI...
Privilege Escalation
apacheairflow is vulnerable to Privilege Escalation. The vulnerability is due to the Run Task feature, as it enables authenticated users to bypass limits, execute code in the webserver context and bypass restrictions on some DAGs, which exposes sensitive data, resulting in privileges escalation...
Apache Airflow Execution with Unnecessary Privileges
Execution with Unnecessary Privileges, : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow.The "Run Task" feature enables authenticated user to bypass some of the restrictions put in place. It allows to execute code in the...
GHSA-269X-PG5C-5XGM Apache Airflow Execution with Unnecessary Privileges
Execution with Unnecessary Privileges, : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow.The "Run Task" feature enables authenticated user to bypass some of the restrictions put in place. It allows to execute code in the...
PYSEC-2023-134
Execution with Unnecessary Privileges, : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow.The "Run Task" feature enables authenticated user to bypass some of the restrictions put in place. It allows to execute code in the...
CVE-2023-39508 Apache Airflow: Airflow "Run task" feature allows execution with unnecessary priviledges
Execution with Unnecessary Privileges, : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow.The "Run Task" feature enables authenticated user to bypass some of the restrictions put in place. It allows to execute code in the...
Apache Airflow Security Vulnerability
Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is characterized by scalability and dynamic monitoring. Apache Airflow versions prior to 2.6.0 have a security vulnerability that stems from a...
PT-2023-4783 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.6.0 Description: The issue is related to the "Run Task" feature in Apache Airflow, which allows an authenticated user to bypass some restrictions and execute code in the webserver context, as well as access...