Airflow
by Apache
pypi: airflow
Source repositories
CVEs (142)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15720 | 0.00 | — | 0.02 | Jan 23, 2019 | In Apache Airflow 1.8.2 and earlier, an authenticated user can execute code remotely on the Airflow webserver by creating a special object. | |||
| CVE-2018-20245 | 0.00 | — | 0.01 | Jan 23, 2019 | The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking. |
- CVE-2017-15720Jan 23, 2019risk 0.00cvss —epss 0.02
In Apache Airflow 1.8.2 and earlier, an authenticated user can execute code remotely on the Airflow webserver by creating a special object.
- CVE-2018-20245Jan 23, 2019risk 0.00cvss —epss 0.01
The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking.
Page 8 of 8