Apache Airflow Cross Site Request Forgery and HTML Injection Vulnerabilities

Bugtraq ID: 107869
Class: Design Error
CVE: CVE-2019-0216
CVE-2019-0229
Remote: Yes
Local: No
Published: Apr 10 2019 12:00AM
Updated: Apr 10 2019 12:00AM
Credit: Nicolas Heiniger ( of photochrome.ch), Matt S, and Francesco Soncina (of ABN AMRO), Erik Mulder and "Media Rest"
Vulnerable: Apache Airflow 1.10.2
Apache Airflow 1.10.1
Apache Airflow 1.10
Apache Airflow 1.9
Apache Airflow 1.8.2
Apache Airflow 1.8
Apache Airflow 1.7
Apache Airflow 1.6
Apache Airflow 1.5
Apache Airflow 1.4
Apache Airflow 1.3
Apache Airflow 0.5
Not Vulnerable: Apache Airflow 1.10.3


 

Privacy Statement
Copyright 2010, SecurityFocus