Lucene search
China National Vulnerability DatabaseCNVD-2023-88037HistoryJul 14, 2023 - 12:00 a.m.
Apache Airflow Security Bypass Vulnerability
2023-07-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
3
apache airflow
security bypass
vulnerability
dag
specially crafted request
attacker
united states apache foundation
open source platform
Apache Airflow is the United States Apache (Apache) Foundation’s set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A security bypass vulnerability exists in Apache Airflow versions prior to 2.6.3, which can be exploited by an attacker to access the DAG by sending a specially crafted request.
Related
veracode
veracode
Missing Authorization
2023-07-13 09:48:14
nvd
nvd
CVE-2023-35908
2023-07-12 10:15:10
cvelist
cvelist
CVE-2023-35908 Apache Airflow: Access to DAGs without relevant permission
2023-07-12 09:14:10
github
github
Apache Airflow Incorrect Authorization vulnerability
2023-07-12 12:31:36
osv
osv
CVE-2023-35908
2023-07-12 10:15:10
PYSEC-2023-119
2023-07-12 10:15:00
Apache Airflow Incorrect Authorization vulnerability
2023-07-12 12:31:36
prion
prion
Design/Logic Flaw
2023-07-12 10:15:00
cve
cve
CVE-2023-35908
2023-07-12 10:15:10