CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29735 – Apache Airflow: Potentially harmful permission changing by log task handler
https://notcve.org/view.php?id=CVE-2024-29735
Improper Preservation of Permissions vulnerability in Apache Airflow.This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix group of the folders. In the case Airflow is run with the root user (not recommended) it added group write permission to all folders up to the root of the filesystem. If your log files are stored in the home directory, these permission changes might impact your ability to run SSH operations after your home directory becomes group-writeable. This issue does not affect users who use or extend Airflow using Official Airflow Docker reference images ( https://hub.docker.com/r/apache/airflow/ ) - those images require to have group write permission set anyway. You are affected only if you install Airflow using local installation / virtualenv or other Docker images, but the issue has no impact if docker containers are used as intended, i.e. where Airflow components do not share containers with other applications and users. Also you should not be affected if your umask is 002 (group write enabled) - this is the default on many linux systems. Recommendation for users using Airflow outside of the containers: * if you are using root to run Airflow, change your Airflow user to use non-root * upgrade Apache Airflow to 2.8.4 or above * If you prefer not to upgrade, you can change the https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#file-task-handler-new-folder-permissions to 0o755 (original value 0o775). * if you already ran Airflow tasks before and your default umask is 022 (group write disabled) you should stop Airflow components, check permissions of AIRFLOW_HOME/logs in all your components and all parent directories of this directory and remove group write access for all the parent directories Vulnerabilidad de conservación inadecuada de permisos en Apache Airflow. Este problema afecta a Apache Airflow desde la versión 2.8.2 hasta la 2.8.3. El controlador de tareas de archivos locales de Airflow en Airflow configuró incorrectamente permisos para todas las carpetas principales de la carpeta de registro, en la configuración predeterminada agrega acceso de escritura al grupo de carpetas de Unix. En el caso de que Airflow se ejecute con el usuario root (no recomendado), agregó permiso de escritura grupal a todas las carpetas hasta la raíz del sistema de archivos. • http://www.openwall.com/lists/oss-security/2024/03/26/2 https://github.com/apache/airflow/pull/37310 https://lists.apache.org/thread/8khb1rtbznh100o325fb8xw5wjvtv536 • CWE-281: Improper Preservation of Permissions •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27438 – Apache Doris: Downloading arbitrary remote jar files resulting in remote command execution
https://notcve.org/view.php?id=CVE-2024-27438
Download of Code Without Integrity Check vulnerability in Apache Doris. The jdbc driver files used for JDBC catalog is not checked and may resulting in remote command execution. Once the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This code snippet will be run when catalog is initializing without any check. This issue affects Apache Doris: from 1.2.0 through 2.0.4. Users are recommended to upgrade to version 2.0.5 or 2.1.x, which fixes the issue. Descarga de Código Sin Integridad Check vulnerabilidad en Apache Doris. Los archivos del controlador jdbc utilizados para el catálogo JDBC no están verificados y pueden provocar la ejecución remota de comandos. Una vez que el atacante está autorizado a crear un catálogo JDBC, puede utilizar un archivo jar de controlador arbitrario con un fragmento de código no verificado. • http://www.openwall.com/lists/oss-security/2024/03/21/1 https://lists.apache.org/thread/h95h82b0svlnwcg6c2xq4b08j6gwgczh • CWE-494: Download of Code Without Integrity Check •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-26307 – Apache Doris: Possible race condition
https://notcve.org/view.php?id=CVE-2024-26307
Possible race condition vulnerability in Apache Doris. Some of code using `chmod()` method. This method run the risk of someone renaming the file out from under user and chmodding the wrong file. This could theoretically happen, but the impact would be minimal. This issue affects Apache Doris: before 1.2.8, before 2.0.4. Users are recommended to upgrade to version 2.0.4, which fixes the issue. Posible vulnerabilidad de condición de ejecución en Apache Doris. Parte del código que utiliza el método `chmod()`. Este método corre el riesgo de que alguien cambie el nombre del archivo por debajo del usuario y modifique el archivo incorrecto. • http://www.openwall.com/lists/oss-security/2024/03/21/2 https://lists.apache.org/thread/5shhw8x8m271hd2wfwzqzwgf36pmc4pl • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29131 – Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
https://notcve.org/view.php?id=CVE-2024-29131
Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue. Vulnerabilidad de escritura fuera de los límites en la configuración de Apache Commons. Este problema afecta a la configuración de Apache Commons: desde 2.0 antes de 2.10.1. Se recomienda a los usuarios actualizar a la versión 2.10.1, que soluciona el problema. A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator(). • http://www.openwall.com/lists/oss-security/2024/03/20/4 https://lists.apache.org/thread/03nzzzjn4oknyw5y0871tw7ltj0t3r37 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS https://access.redhat.com/security/cve/CVE-2024-29131 https://bugzilla.redhat.com/show_bug.cgi?id=2270674 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29133 – Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
https://notcve.org/view.php?id=CVE-2024-29133
Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue. Vulnerabilidad de escritura fuera de los límites en la configuración de Apache Commons. Este problema afecta a la configuración de Apache Commons: desde 2.0 antes de 2.10.1. Se recomienda a los usuarios actualizar a la versión 2.10.1, que soluciona el problema. A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree. • http://www.openwall.com/lists/oss-security/2024/03/20/3 https://lists.apache.org/thread/ccb9w15bscznh6tnp3wsvrrj9crbszh2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS https://access.redhat.com/security/cve/CVE-2024-29133 https://bugzilla.redhat.com/show_bug.cgi?id=2270673 • CWE-787: Out-of-bounds Write •