BIT-airflow-2024-27906

Import Source
https://github.com/bitnami/vulndb/tree/main/data/airflow/BIT-airflow-2024-27906.json
Aliases
Published
2024-03-31T18:16:47.034Z
Modified
2024-05-24T07:53:33.063Z
Summary
[none]
Details

Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI.Users of Apache Airflow are recommended to upgrade to version 2.8.2 or newer to mitigate the risk associated with this vulnerability

References

Affected packages

Bitnami / airflow

Package

Name
airflow

Affected ranges

Type
SEMVER
Events
Introduced
0The exact introduced commit is unknown
Fixed
2.8.2