{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T03:17:51.242","vulnerabilities":[{"cve":{"id":"CVE-2019-12417","sourceIdentifier":"security@apache.org","published":"2019-10-30T22:15:10.807","lastModified":"2024-11-21T04:22:47.900","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. This also presented a Local File Disclosure vulnerability to any file readable by the webserver process."},{"lang":"es","value":"Un usuario administrador malicioso podría editar el estado de los objetos en la base de datos de metadatos de Airflow para ejecutar JavaScript arbitrario en determinadas vistas de página. Esto también presentó una vulnerabilidad de Divulgación de Archivos Local en cualquier archivo legible por el proceso del servidor web."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*","versionEndIncluding":"1.10.5","matchCriteriaId":"7B9A5AA4-3B36-49AA-A5FD-82825B1F5071"}]}]}],"references":[{"url":"https://lists.apache.org/thread.html/f3aa5ff9c7cdb5424b6463c9013f6cf5db83d26c66ea77130cbbe1bc%40%3Cusers.airflow.apache.org%3E","source":"security@apache.org"},{"url":"https://lists.apache.org/thread.html/f3aa5ff9c7cdb5424b6463c9013f6cf5db83d26c66ea77130cbbe1bc%40%3Cusers.airflow.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}