Total Results: 2296

Vulnerability Type: Design/Logic Flaw

Vendor(s): Apache Software Foundation
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: N/A

Apache Airflow versions before 2.10.1 have a vulnerability that allows DAG authors to add local settings to the DAG folder and get it executed by the scheduler, where the scheduler is not supposed to execute code submitted by the DAG author. Users are advised to upgrade to version 2.10.1 or later, which has fixed the vulnerability.

Vulnerability Type: Information disclosure

Vendor(s): Apache Software Foundation
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: N/A

Example DAG: example_inlet_event_extra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. If you used that example as the base of your DAGs, review whether you have copied the dangerous example; see https://github.com/apache/airflow/pull/41873 for more information. We recommend against exposing the example DAGs in your deployment. If you must expose the example DAGs, upgrade Airflow to version 2.10.1 or later.

Vulnerability Type: Code injection

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 5.5

Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APR_USE_SHMEM_SHMGET=1 (apr.h). Users are recommended to upgrade to APR version 1.7.5, which fixes this issue.

Vulnerability Type: Cross site scripting

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 6.1

Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This would require the provider to be installed on the web server and the user to click the provider link. Users should upgrade to 2.10.0 or later, which fixes this vulnerability.

Vulnerability Type: Design/Logic Flaw

Vendor(s): Redhat
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 7.5

A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which could lead to unintended data exposure. This issue primarily results in errors and connection termination but creates a risk of data leakage in multi-request environments.

Vulnerability Type: Design/Logic Flaw

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 7.5

MySQL security vulnerability in Apache SeaTunnel. Attackers can read files on the MySQL server by modifying the MySQL connection URL to include the parameters "allowLoadLocalInfile=true&allowUrlInLocalInfile=true&allowLoadLocalInfileInPath=/&maxAllowedPacket=655360". This issue affects Apache SeaTunnel: 1.0.0. Users are recommended to upgrade to version 1.0.1, which fixes the issue.

Vulnerability Type: Deserialization of untrusted data

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 8.8

Hertzbeat is an open source, real-time monitoring system. Hertzbeat has an authenticated (user role) RCE via unsafe deserialization in /api/monitors/import. This vulnerability is fixed in 1.6.0.

Vulnerability Type: SQL injection

Vendor(s): Apache
Significant
Remediate Within one Month
CVSS v2: N/A  CVSS v3: 9.8

Hertzbeat is an open source, real-time monitoring system. Hertzbeat 1.6.0 and earlier declares a /api/monitor/{monitorId}/metric/{metricFull} endpoint to download job metrics. In the process, it executes a SQL query with user-controlled data, allowing for SQL injection.

Vulnerability Type: Code injection

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 5.9

Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795. An attacker that can intercept traffic between client and server could drop certain packets from the stream, potentially causing client and server to consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. The mitigations to prevent this type of attack were implemented in Apache MINA SSHD 2.12.0, both client and server side. Users are recommended to upgrade to at least this version. Note that both the client and the server implementation must have mitigations applied against this issue, otherwise the connection may still be affected.

Vulnerability Type: Default credentials

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 5.3

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. A user can send multiple password reset emails, each containing a valid link. Within a link's validity period, this could potentially lead to the link being misused or hijacked. Users are recommended to upgrade to version 1.3.6, which fixes the issue.

Vulnerability Type: Design/Logic Flaw

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 5.3

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used. This could potentially lead to the link being misused or hijacked. Users are recommended to upgrade to version 1.3.6, which fixes the issue.

Vulnerability Type: Buffer overflow

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 8.1

File read and write vulnerability in Apache DolphinScheduler: authenticated users can illegally access additional resource files. This issue affects Apache DolphinScheduler: from 3.1.0 before 3.2.2. Users are recommended to upgrade to version 3.2.2, which fixes the issue.

Vulnerability Type: Design/Logic Flaw

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 4.3

In Apache CloudStack 4.19.1.0, a regression in the network listing API allows unauthorised list access of network details for domain admin and normal user accounts. This vulnerability compromises tenant isolation, potentially leading to unauthorised access to network details, configurations and data. Affected users are advised to upgrade to version 4.19.1.1 to address this issue. Users on older versions of CloudStack who are considering an upgrade can skip 4.19.1.0 and upgrade directly to 4.19.1.1.

Vulnerability Type: Default credentials

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 7.2

CloudStack account-users by default use username and password based authentication for API and UI access. Account-users can generate and register randomised API and secret keys and use them for the purpose of API-based automation and integrations. Due to an access permission validation issue that affects Apache CloudStack versions 4.10.0 up to 4.19.1.0, domain admin accounts were found to be able to query the API and secret keys of all registered account-users in an environment, including those of a root admin. An attacker who has domain admin access can exploit this to gain root admin and other-account privileges and perform malicious operations that can result in compromise of resource integrity and confidentiality, data loss, denial of service and availability of CloudStack managed infrastructure. Users are recommended to upgrade to Apache CloudStack 4.18.2.3 or 4.19.1.1, or later, which addresses this issue. Additionally, all account-user API and secret keys should be regenerated.

Vulnerability Type: Server side request forgery (SSRF)

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 7.3

** UNSUPPORTED WHEN ASSIGNED ** Server-Side Request Forgery (SSRF) vulnerability in Apache IoTDB Workbench. This issue affects Apache IoTDB Workbench: from 0.13.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Vulnerability Type: Authorization

Vendor(s): Apache
Immediate
Remediate Within 48 Hours
CVSS v2: N/A  CVSS v3: 9.8

Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through 18.12.14. Users are recommended to upgrade to version 18.12.15, which fixes the issue. Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don't explicitly check user's permissions because they rely on the configuration of their endpoints).

Vulnerability Type: Session fixation

Vendor(s): Apache
Significant
Remediate Within one Month
CVSS v2: N/A  CVSS v3: 9.8

Insufficient Session Expiration vulnerability in Apache Airflow Providers FAB. This issue affects Apache Airflow Providers FAB: 1.2.1 (when used with Apache Airflow 2.9.3) and FAB 1.2.0 for all Airflow versions. The FAB provider prevented the user from logging out.

* FAB provider 1.2.1 only affected Airflow 2.9.3 (earlier and later versions of Airflow are not affected)
* FAB provider 1.2.0 affected all versions of Airflow.

Users who run Apache Airflow 2.9.3 are recommended to upgrade to Apache Airflow Providers FAB version 1.2.2, which fixes the issue. Users who run any Apache Airflow version and have FAB provider 1.2.0 are recommended to upgrade to Apache Airflow Providers FAB version 1.2.2, which fixes the issue. Upgrading Apache Airflow to the latest available version is also recommended. Note: early versions of the Airflow 2.9.3 reference container images and constraint files contained FAB provider version 1.2.1, but this is fixed in updated versions of the images. Users are advised to pull the latest Airflow images or reinstall the FAB provider according to the current constraints.

Vulnerability Type: Code injection

Vendor(s): Apache
Significant
Remediate Within one Month
CVSS v2: N/A  CVSS v3: 9.8

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0 through 1.12.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong 1.13.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/10251

Vulnerability Type: Arbitrary file deletion

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 4.9

In Apache Linkis <= 1.5.0, an arbitrary file deletion vulnerability in the Basic management services allows a user with an administrator account to delete any file accessible by the Linkis system user. Users are recommended to upgrade to version 1.6.0, which fixes this issue.

Vulnerability Type: Code injection

Vendor(s): Apache
Routine
Remediate Within 6 Months
CVSS v2: N/A  CVSS v3: 8.2

Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.
