Headline
GHSA-2h84-3crq-vgfj: Apache Airflow Incorrect Authorization vulnerability
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows unauthorized read access to a DAG through the URL. It is recommended to upgrade to a version that is not affected
Apache Airflow Incorrect Authorization vulnerability
Moderate severity GitHub Reviewed Published Jul 12, 2023 to the GitHub Advisory Database • Updated Jul 12, 2023
Related news
CVE-2023-35908: Check for DAG ID in query param from url as well as kwargs by o-nikolas · Pull Request #32014 · apache/airflow
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows unauthorized read access to a DAG through the URL. It is recommended to upgrade to a version that is not affected