Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Airflow.4.0 to 2.7.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Apache
Information Disclosure
Airflow
NVD
GitHub
CVSS 3.1
4.3
EPSS
1.4%
HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Path Traversal
Commerce
NVD
CVSS 3.1
4.3
EPSS
0.5%
Prev
Page 2 of 2