Moderate severityNVD Advisory· Published Dec 14, 2020· Updated Feb 13, 2025
CVE-2020-17513
CVE-2020-17513
Description
In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old (Flask-admin based) UI were vulnerable for SSRF attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
apache-airflowPyPI | < 1.10.13 | 1.10.13 |
Affected products
3- osv-coords2 versions
< 1.10.13+ 1 more
- (no CPE)range: < 1.10.13
- (no CPE)range: < 1.10.13
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-6r3p-fcvm-xh7cghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-17513ghsaADVISORY
- github.com/apache/airflow/commit/b606b871226d649913a37fd074eeae5d86ebc3a1ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/apache-airflow/PYSEC-2020-20.yamlghsaWEB
- lists.apache.org/thread.html/rb3647269f07cc2775ca6568cbfd4994d862c842a58120d2aba9c658a%40%3Cusers.airflow.apache.org%3Eghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.