CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45034 – Apache Airflow: Authenticated DAG authors could execute code on scheduler nodes
https://notcve.org/view.php?id=CVE-2024-45034
07 Sep 2024 — Apache Airflow versions before 2.10.1 have a vulnerability that allows DAG authors to add local settings to the DAG folder and get it executed by the scheduler, where the scheduler is not supposed to execute code submitted by the DAG author. Users are advised to upgrade to version 2.10.1 or later, which has fixed the vulnerability. Apache Airflow versions before 2.10.1 have a vulnerability that allows DAG authors to add local settings to the DAG folder and get it executed by the scheduler, where the schedul... • https://github.com/apache/airflow/pull/41672 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 10.0EPSS: 94%CPEs: 1EXPL: 0CVE-2024-45195 – Apache OFBiz Forced Browsing Vulnerability
https://notcve.org/view.php?id=CVE-2024-45195
04 Sep 2024 — Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.16. Users are recommended to upgrade to version 18.12.16, which fixes the issue. Vulnerabilidad Direct Request ("Navegación forzada") en Apache OFBiz. Este problema afecta a Apache OFBiz: anterior a la versión 18.12.16. • https://issues.apache.org/jira/browse/OFBIZ-13130 • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 10.0EPSS: 87%CPEs: 1EXPL: 1CVE-2024-45507 – Apache OFBiz: Prevent use of URLs in files when loading them from Java or Groovy, leading to a RCE
https://notcve.org/view.php?id=CVE-2024-45507
04 Sep 2024 — Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.16. Users are recommended to upgrade to version 18.12.16, which fixes the issue. Vulnerabilidad de Server-Side Request Forgery (SSRF) y control inadecuado de la generación de código ('inyección de código') en Apache OFBiz. Este problema afecta a Apache OFBiz: anterior a la versión 18.12.16. • https://github.com/Avento/CVE-2024-45507_Behinder_Webshell • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49582 – Apache Portable Runtime (APR): Unexpected lax shared memory permissions
https://notcve.org/view.php?id=CVE-2023-49582
26 Aug 2024 — Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APR_USE_SHMEM_SHMGET=1 (apr.h) Users are recommended to upgrade to APR version 1.7.5, which fixes this issue. Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments... • https://lists.apache.org/thread/sntjc04t1rvjhdzz2tzmtz2zdnmv7dc4 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41937 – Apache Airflow: Stored XSS Vulnerability on provider link
https://notcve.org/view.php?id=CVE-2024-41937
21 Aug 2024 — Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This would require the provider to be installed on the web server and the user to click the provider link. Users should upgrade to 2.10.0 or later, which fixes this vulnerability. Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-si... • https://github.com/apache/airflow/pull/40933 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49198 – Apache SeaTunnel Web: Arbitrary file read vulnerability
https://notcve.org/view.php?id=CVE-2023-49198
21 Aug 2024 — Mysql security vulnerability in Apache SeaTunnel. Attackers can read files on the MySQL server by modifying the information in the MySQL URL allowLoadLocalInfile=true&allowUrlInLocalInfile=true&allowLoadLocalInfileInPath=/&maxAllowedPacket=655360 This issue affects Apache SeaTunnel: 1.0.0. Users are recommended to upgrade to version [1.0.1], which fixes the issue. Mysql security vulnerability in Apache SeaTunnel. Attackers can read files on the MySQL server by modifying the information in the MySQL URL allo... • https://lists.apache.org/thread/48j9f1nsn037mgzc4j9o51nwglb1s08h • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22281 – Apache Helix Front (UI): Helix front hard-coded secret in the express-session
https://notcve.org/view.php?id=CVE-2024-22281
20 Aug 2024 — The Apache Helix Front (UI) component contained a hard-coded secret, allowing an attacker to spoof sessions by generating their own fake cookies. This issue affects Apache Helix Front (UI): all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. ** UNSUPPORTED WHEN ASSIGNED... • https://lists.apache.org/thread/zt26fpmrqx3fzcy8nv3b43kb3xllo5ny • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0CVE-2024-43202 – Apache DolphinScheduler: Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43202
20 Aug 2024 — Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.2. We recommend users to upgrade Apache DolphinScheduler to version 3.2.2, which fixes the issue. • https://github.com/apache/dolphinscheduler/pull/15758 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41909 – Apache MINA SSHD: integrity check bypass
https://notcve.org/view.php?id=CVE-2024-41909
12 Aug 2024 — Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795. An attacker that can intercept traffic between client and server could drop certain packets from the stream, potentially causing client and server to consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack The mitigations to prevent this type of attack were implemented in Apache MINA SSHD 2.12.0, both client and serv... • https://github.com/apache/mina-sshd/issues/445 • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41888 – Apache Answer: The link for resetting user password is not Single-Use
https://notcve.org/view.php?id=CVE-2024-41888
09 Aug 2024 — Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used. This could potentially lead to the link being misused or hijacked. Users are recommended to upgrade to version 1.3.6, which fixes the issue. Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. • https://lists.apache.org/thread/jbs1j2o9rqm5sc19jyk3jcfvkmfkmyf4 • CWE-772: Missing Release of Resource after Effective Lifetime •