Security
Headlines

Headlines Latest CVEs

Headline

GHSA-wpg8-mf6h-gm92: Apache Airflow Incorrect Authorization vulnerability

Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have them alter details such as configuration parameters, start date, etc.

Users should upgrade to version 2.7.1 or later which has removed the vulnerability.

1 year ago

#vulnerability #apache #git #auth

Apache Airflow Incorrect Authorization vulnerability

Moderate severity GitHub Reviewed Published Sep 12, 2023 to the GitHub Advisory Database

Related news

Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have them alter details such as configuration parameters, start date, etc. Users should upgrade to version 2.7.1 or later which has removed the vulnerability.

1 year ago

#vulnerability #apache #auth

ghsa: Latest News

GHSA-486g-47cc-8wxf: aiocpa contains credential harvesting code

5 hours ago

GHSA-93ww-43rr-79v3: Keycloak mTLS Authentication Bypass via Reverse Proxy TLS Termination

8 hours ago

GHSA-jgwc-jh89-rpgq: Keycloak proxy header handling Denial-of-Service (DoS) vulnerability

8 hours ago

GHSA-xg58-75qf-9r67: Cilium's Layer 7 policy enforcement may not occur in policies with wildcarded port ranges

8 hours ago

GHSA-qqwr-j9mm-fhw6: deno_doc's HTML generator vulnerable to Cross-site Scripting

8 hours ago