Skip to main content

Apache Airflow Providers Mongo

1 CVEs product

Monthly

CVE-2024-25141 PyPI CRITICAL PATCH Act Now

When ssl was enabled for Mongo Hook, default settings included "allow_insecure" which caused that certificates were not validated. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Apache Airflow Providers Mongo
NVD GitHub
CVSS 3.1
9.1
EPSS
0.6%
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

When ssl was enabled for Mongo Hook, default settings included "allow_insecure" which caused that certificates were not validated. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Apache Airflow Providers Mongo
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy