In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Arbitrary Code Execution vulnerabilities in an interactive lesson.
Start learningUpgrade apache-airflow
to version 1.9.0 or higher.
apache-airflow is a platform to programmatically author, schedule, and monitor workflows.
Affected versions of this package are vulnerable to Arbitrary Code Execution due to unchecked user input being sent to the Python eval
function, allowing for direct execution of parameters. This vulnerability enables any user with the capability to create or edit charts to potentially execute arbitrary code on the server.