Security
Headlines
HeadlinesLatestCVEs

Tag

#git

GHSA-j3w8-2p2h-mrr9: Apache Airflow vulnerable to privilege escalation

Apache Airflow, in versions prior to 2.7.2, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus, enabling the user to clear DAGs they shouldn't. Users of Apache Airflow are strongly advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.

ghsa
Open in Source
#vulnerability#apache#git#auth
GHSA-fpxx-xv4c-gxqp: Apache Airflow vulnerable to sensitive information exposure when expose-config is set to non-sensitive-only

Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the `expose_config` option is set to `non-sensitive-only`. The `expose_config` option is `False` by default. It is recommended to upgrade to a version that is not affected.

CVE-2023-5580: SerBermz_SQL-injection/SerBermz_SQL injection.md at main · GodRone/SerBermz_SQL-injection

A vulnerability classified as critical has been found in SourceCodester Library System 1.0. This affects an unknown part of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-242145 was assigned to this vulnerability.

CVE-2023-42663: REST API: Fix task instance access issue in the batch endpoint by ephraimbuddy · Pull Request #34315 · apache/airflow

Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.

GHSA-fpr8-4wvx-j9q3: node-qpdf vulnerable to command injection

All versions of the package node-qpdf are vulnerable to Command Injection such that the package-exported method encrypt() fails to sanitize its parameter input, which later flows into a sensitive command execution API. As a result, attackers may inject malicious commands once they can specify the input pdf file path.

CVE-2023-45856: Report-CVE/qdPM/9.2/RCE.md at main · SunshineOtaku/Report-CVE

qdPM 9.2 allows remote code execution by using the Add Attachments feature of Edit Project to upload a .php file to the /uploads URI.

CVE-2023-45855: Report-CVE/qdPM/9.2/Directory Traversal.md at main · SunshineOtaku/Report-CVE

qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI.

CVE-2023-45853: Minizip: Zip and UnZip additionnal library

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.

CVE-2023-4257: Unchecked user input length in the Zephyr WiFi shell module

Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows.