Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-45348

Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the “expose_config” option is set to "non-sensitive-only". The expose_config option is False by default. It is recommended to upgrade to a version that is not affected.

CVE
Open in Source
#vulnerability#apache#auth

Email display mode:

Modern rendering
Legacy rendering

Related news

GHSA-fpxx-xv4c-gxqp: Apache Airflow vulnerable to sensitive information exposure when expose-config is set to non-sensitive-only

Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the `expose_config` option is set to `non-sensitive-only`. The `expose_config` option is `False` by default. It is recommended to upgrade to a version that is not affected.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE