CVE-2017-17835

Severity CVSS v4.0:
Pending analysis
Type:
CWE-352 Cross-Site Request Forgery (CSRF)
Publication date:
23/01/2019
Last modified:
07/11/2023

Description

In Apache Airflow 1.8.2 and earlier, a CSRF vulnerability allowed for a remote command injection on a default install of Airflow.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* 1.8.2 (including)