CVE-2019-0216
A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views.
Published at
2019-04-10
1012 days ago
Modified
2019-04-11
1011 days ago
2019
Year
The year of the turtle
https://lists.apache.org/thread.html/2de387213d45bc626d27554a1bde7b8c67d08720901f82a50b6f4231@%3Cdev.airflow.apache.org%3E
MISC:https://lists.apache.org/thread.html/2de387213d45bc626d27554a1bde7b8c67d08720901f82a50b6f4231@%3Cdev.airflow.apache.org%3E
http://www.openwall.com/lists/oss-security/2019/04/10/6
MLIST:[oss-security] 20190410 CVE-2019-0216, CVE-2019-0229 vulnerabilities affecting Apache Airflow <= 1.10.2 webserver component
Vulnerability RAW
{
"Title": {
"_text": "CVE-2019-0216"
},
"Notes": {
"Note": [
{
"_text": "A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views."
},
{
"_text": "2019-04-10"
},
{
"_text": "2019-04-11"
}
]
},
"CVE": {
"_text": "CVE-2019-0216"
},
"References": {
"Reference": [
{
"URL": {
"_text": "http://www.securityfocus.com/bid/107869"
},
"Description": {
"_text": "BID:107869"
}
},
{
"URL": {
"_text": "https://lists.apache.org/thread.html/2de387213d45bc626d27554a1bde7b8c67d08720901f82a50b6f4231@%3Cdev.airflow.apache.org%3E"
},
"Description": {
"_text": "MISC:https://lists.apache.org/thread.html/2de387213d45bc626d27554a1bde7b8c67d08720901f82a50b6f4231@%3Cdev.airflow.apache.org%3E"
}
},
{
"URL": {
"_text": "http://www.openwall.com/lists/oss-security/2019/04/10/6"
},
"Description": {
"_text": "MLIST:[oss-security] 20190410 CVE-2019-0216, CVE-2019-0229 vulnerabilities affecting Apache Airflow <= 1.10.2 webserver component"
}
}
]
}
}