{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T16:14:27.805","vulnerabilities":[{"cve":{"id":"CVE-2024-29733","sourceIdentifier":"security@apache.org","published":"2024-04-21T18:15:45.043","lastModified":"2025-07-10T18:38:50.020","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Certificate Validation vulnerability in Apache Airflow FTP Provider.\n\nThe FTP hook lacks complete certificate validation in FTP_TLS connections, which can potentially be leveraged. Implementing proper certificate validation by passing context=ssl.create_default_context() during FTP_TLS instantiation is used as mitigation to validate the certificates properly.\n\nThis issue affects Apache Airflow FTP Provider: before 3.7.0.\n\nUsers are recommended to upgrade to version 3.7.0, which fixes the issue."},{"lang":"es","value":"Vulnerabilidad de validación de certificado incorrecta en el proveedor FTP Apache Airflow. El enlace FTP carece de una validación completa del certificado en las conexiones FTP_TLS, lo que potencialmente puede aprovecharse. La implementación de una validación de certificados adecuada pasando context=ssl.create_default_context() durante la creación de instancias de FTP_TLS se utiliza como mitigación para validar los certificados correctamente. Este problema afecta al proveedor FTP Apache Airflow: anterior a 3.7.0. Se recomienda a los usuarios actualizar a la versión 3.7.0, que soluciona el problema."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:apache-airflow-providers-ftp:*:*:*:*:*:*:*:*","versionEndExcluding":"3.7.0","matchCriteriaId":"BB8AC993-0DE8-45D1-BB9E-EABC0C226CD2"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2024/04/19/3","source":"security@apache.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://docs.python.org/3/library/ssl.html#best-defaults","source":"security@apache.org","tags":["Technical Description"]},{"url":"https://github.com/apache/airflow/blob/95e26118b828c364755f3a8c96870f3591b01c31/airflow/providers/ftp/hooks/ftp.py#L280","source":"security@apache.org","tags":["Product"]},{"url":"https://github.com/apache/airflow/pull/38266","source":"security@apache.org","tags":["Issue Tracking"]},{"url":"https://lists.apache.org/thread/265t5zbmtjs6h9fkw52wtp03nsbplky2","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2024/04/19/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://docs.python.org/3/library/ssl.html#best-defaults","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description"]},{"url":"https://github.com/apache/airflow/blob/95e26118b828c364755f3a8c96870f3591b01c31/airflow/providers/ftp/hooks/ftp.py#L280","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/apache/airflow/pull/38266","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://lists.apache.org/thread/265t5zbmtjs6h9fkw52wtp03nsbplky2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Vendor Advisory"]}]}}]}