CVE-2022-41929 The xwiki-platform-oldcore package is missing authorization, which may allow a user with only Script rights to enable or disable a user.
If upgrading from a version that was affected by this issue, you will likely experience issues with disabling or enabling users. XWiki server errors will
CVE-2022-41131 - OS Command Injection in Apache Airflow Hive Provider Explained
On October 17, 2022, a new vulnerability was disclosed in the Apache Airflow Hive Provider: CVE-2022-41131. This security issue is caused by *Improper Neutralization of
CVE-2022-40954 - OS Command Injection in Apache Airflow Spark Provider – How Attackers Can Read Any File
In September 2022, a critical security vulnerability was disclosed in the Apache Airflow Spark Provider (CVE-2022-40954). This vulnerability may not look dramatic at first, but
CVE-2022-38649 - OS Command Injection Vulnerability in Apache Airflow Pinot Provider – Explained
In August 2022, a critical security issue was discovered in the Apache Airflow Pinot Provider. Labeled CVE-2022-38649, this vulnerability exposes Apache Airflow users to OS
CVE-2022-40189 - OS Command Injection in Apache Airflow Pig Provider – What You Need to Know
Apache Airflow is one of the most popular workflow management systems in data engineering and machine learning pipelines. It supports various providers to interact with
Episode
00:00:00
00:00:00