Page 7 of 117 results (0.002 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

08 May 2023 — Task instance details page in the UI is vulnerable to a stored XSS.This issue affects Apache Airflow: before 2.6.0. • https://github.com/apache/airflow/pull/30447 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

07 Apr 2023 — Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider.This issue affects Apache Airflow Spark Provider: before 4.0.1. • http://www.openwall.com/lists/oss-security/2023/04/07/3 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0

07 Apr 2023 — Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 6.0.0. • http://www.openwall.com/lists/oss-security/2023/04/07/2 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

07 Apr 2023 — Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2. • http://www.openwall.com/lists/oss-security/2023/04/07/1 • CWE-20: Improper Input Validation •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

15 Mar 2023 — Generation of Error Message Containing Sensitive Information vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.5.2. • https://github.com/apache/airflow/pull/29501 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

24 Feb 2023 — Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache Airflow AWS Provider versions before 7.2.1. • https://github.com/apache/airflow/pull/29587 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

24 Feb 2023 — Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3. • https://github.com/apache/airflow/pull/29502 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

24 Feb 2023 — Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1. • https://github.com/apache/airflow/pull/29500 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

24 Feb 2023 — Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0. • https://github.com/apache/airflow/pull/29499 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

24 Feb 2023 — Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0. • https://github.com/apache/airflow/pull/29497 • CWE-20: Improper Input Validation •