CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22887 – Apache Airflow path traversal by authenticated user
https://notcve.org/view.php?id=CVE-2023-22887
12 Jul 2023 — Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to perform unauthorized file access outside the intended directory structure by manipulating the run_id parameter. This vulnerability is considered low since it requires an authenticated user to exploit it. It is recommended to upgrade to a version that is not affected • https://github.com/apache/airflow/pull/32293 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35908 – Apache Airflow: Access to DAGs without relevant permission
https://notcve.org/view.php?id=CVE-2023-35908
12 Jul 2023 — Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows unauthorized read access to a DAG through the URL. It is recommended to upgrade to a version that is not affected Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows unauthorized read access to a DAG through the URL. It is recommended to upgrade to a version that is not affected • https://github.com/apache/airflow/pull/32014 • CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35797 – Apache Airflow Hive Provider Beeline RCE with Principal
https://notcve.org/view.php?id=CVE-2023-35797
03 Jul 2023 — Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider. This issue affects Apache Airflow Apache Hive Provider: before 6.1.1. Before version 6.1.1 it was possible to bypass the security check to RCE via principal parameter. For this to be exploited it requires access to modifying the connection details. It is recommended updating provider version to 6.1.1 in order to avoid this vulnerability. Improper Input Validation vulnerability in Apache Software Foundation Ap... • http://www.openwall.com/lists/oss-security/2023/07/12/3 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22886 – Apache Airflow JDBC Provider: RCE Vulnerability
https://notcve.org/view.php?id=CVE-2023-22886
29 Jun 2023 — Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider. Airflow JDBC Provider Connection’s [Connection URL] parameters had no restrictions, which made it possible to implement RCE attacks via different type JDBC drivers, obtain airflow server permission. This issue affects Apache Airflow JDBC Provider: before 4.0.0. Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider. Airflow JDBC Provider Connection’s [Connection URL... • https://lists.apache.org/thread/ynbjwp4n0vzql0xzhog1gkp1ovncf8j3 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-35798 – Airflow Apache ODBC and MSSQL Providers Arbitrary File Read Vulnerability
https://notcve.org/view.php?id=CVE-2023-35798
27 Jun 2023 — Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.This vulnerability is considered low since it requires DAG code to use `get_sqlalchemy_connection` and someone with access to connection resources specifically updating the connection to exploit it. This issue affects Apache Airflow ODBC Provider: before 4.0.0; Apache Airflow MSSQL Provider: before 3.4.1. It is recommended to upgrade to a version that is not aff... • https://github.com/apache/airflow/pull/31984 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34395 – Apache Airflow ODBC Provider: Remote code execution vulnerability
https://notcve.org/view.php?id=CVE-2023-34395
27 Jun 2023 — Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Software Foundation Apache Airflow ODBC Provider. In OdbcHook, A privilege escalation vulnerability exists in a system due to controllable ODBC driver parameters that allow the loading of arbitrary dynamic-link libraries, resulting in command execution. Starting version 4.0.0 driver can be set only from the hook constructor. This issue affects Apache Airflow ODBC Provider: before 4.0.0. Improper Neutra... • https://github.com/apache/airflow/pull/31713 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35005 – Apache Airflow: Information disclosure on configuration view
https://notcve.org/view.php?id=CVE-2023-35005
19 Jun 2023 — In Apache Airflow, some potentially sensitive values were being shown to the user in certain situations. This vulnerability is mitigated by the fact configuration is not shown in the UI by default (only if `[webserver] expose_config` is set to `non-sensitive-only`), and not all uncensored values are actually sentitive. This issue affects Apache Airflow: from 2.5.0 before 2.6.2. Users are recommended to update to version 2.6.2 or later. • https://github.com/apache/airflow/pull/31788 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33234 – Apache Airflow CNCF Kubernetes Provider: KubernetesPodOperator RCE via connection configuration
https://notcve.org/view.php?id=CVE-2023-33234
30 May 2023 — Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection. In order to exploit this weakness, a user would already need elevated permissions (Op or Admin) to change the connection object in this manner. Operators should upgrade to provider version 7.0.0 which has removed the vulnerability. • https://lists.apache.org/thread/n1vpgl6h2qsdm52o9m2tx1oo86tl4gnq • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25754 – Apache Airflow: Privilege escalation using airflow logs
https://notcve.org/view.php?id=CVE-2023-25754
08 May 2023 — Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.6.0. • http://www.openwall.com/lists/oss-security/2023/05/08/2 • CWE-270: Privilege Context Switching Error •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29247 – Stored XSS on Apache Airflow
https://notcve.org/view.php?id=CVE-2023-29247
08 May 2023 — Task instance details page in the UI is vulnerable to a stored XSS.This issue affects Apache Airflow: before 2.6.0. • https://github.com/apache/airflow/pull/30447 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •