Lakshmikanthan K

**Name of the Vulnerable Software and Affected Versions** Apache Airflow versions prior to 3.2.2 **Description** A flaw in the `FileTaskHandler` allows a DAG author to access or modify files outside the configured `base log folder` when the worker log folder is shared with the API server. This can be achieved through a read-path attack by creating a symlink in the task's log directory pointing to an arbitrary file readable by the API server process, such as `/etc/passwd` or `airflow.cfg`. Alternatively, a write-path attack can be performed by providing a `task id` containing `..` sequences that are accepted by the Task SDK's `KEY REGEX`. These actions can lead to the leakage or overwriting of arbitrary files. **Recommendations** Upgrade to version 3.2.2 or later. Deploy the worker and API server with separate log volumes to ensure worker-controlled paths cannot reach the API server's filesystem.

**Name of the Vulnerable Software and Affected Versions** Apache ECharts versions prior to 6.1.0 **Description** A cross-site scripting (XSS) issue exists in the Lines series tooltip rendering logic. When the Lines series and tooltip are used without a user-specified `tooltip.formatter`, and `series.data[i].name` is provided, raw HTML strings in `series.data[i].name` can be rendered through an innerHTML sink into the tooltip content. While tooltips typically allow raw HTML via custom formatters, the built-in formatters usually perform HTML escaping automatically; however, this specific case fails to do so, potentially leading to script execution when tooltips are displayed. **Recommendations** Upgrade to version 6.1.0.

Name of the Vulnerable Software and Affected Versions pymanager (affected versions not specified) Description pymanager included the current working directory in its `sys.path`, allowing modules in the current working directory to shadow intended packages. If a user runs a pymanager-generated command (like `pip` or `pytest`) from a directory controlled by an attacker, a malicious module in that directory could be imported and executed instead of the legitimate package. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.