How severe is CVE-2023-41267?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2023-41267?

This is classified as CWE-829, which is a common weakness in software security.

CVE-2023-41267

HIGH Year: 2023

CVSS v3 Score

7.8

High

Weakness Type

CWE-829

View all →

Vulnerability Description

In the Apache Airflow HDFS Provider, versions prior to 4.1.1, a documentation info pointed users to an install incorrect pip package. As this package name was unclaimed, in theory, an attacker could claim this package and provide code that would be executed when this package was installed. The Airflow team has since taken ownership of the package (neutralizing the risk), and fixed the doc strings in version 4.1.1

CVE-2020-13651

HIGH

CVSS:7.8(High)

An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200421, and 2019R2 before p20200430. It allows a user to provide data that will be used to generate the JNLP file used by a...

CWE-8292020

CVE-2021-33626

HIGH

CVSS:7.8(High)

A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). Thi...

CWE-8292021

CVE-2021-34398

HIGH

CVSS:7.8(High)

NVIDIA DCGM, all versions prior to 2.2.9, contains a vulnerability in the DIAG module where any user can inject shared libraries into the DCGM server, which is usually running as root, which may lead ...

CWE-8292021

CVE-2021-34692

HIGH

CVSS:7.8(High)

iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges.

CWE-8292021