Количество 3
Количество 3
CVE-2017-17836
In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature displayed authenticated cookies, as well as passwords to databases used by Airflow. An attacker who has limited access to airflow, whether it be via XSS or by leaving a machine unlocked can exfiltrate all credentials from the system.
CVE-2017-17836
In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature d ...
GHSA-9gqg-3fxr-9hv7
Apache Airflow vulnerable to XSS
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-17836 In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature displayed authenticated cookies, as well as passwords to databases used by Airflow. An attacker who has limited access to airflow, whether it be via XSS or by leaving a machine unlocked can exfiltrate all credentials from the system. | CVSS3: 9.8 | 0% Низкий | около 7 лет назад |
| CVE-2017-17836 In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature d ... | CVSS3: 9.8 | 0% Низкий | около 7 лет назад |
| GHSA-9gqg-3fxr-9hv7 Apache Airflow vulnerable to XSS | CVSS3: 9.8 | 0% Низкий | около 7 лет назад |
Уязвимостей на страницу