Lucene search
China National Vulnerability DatabaseCNVD-2024-01014HistoryDec 25, 2023 - 12:00 a.m.
Apache Airflow Security Bypass Vulnerability (CNVD-2024-0101425)
2023-12-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
apache
airflow
security
bypass
vulnerability
cnvd
2024
open source
workflow
authentication
Apache Airflow is the United States Apache (Apache) Foundation’s set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A security bypass vulnerability exists in Apache Airflow versions prior to 2.8.0, which can be exploited by an authenticated attacker to gain write access to various DAG resources.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache airflow | lt | 2.8.0 |
Related
veracode
veracode
Improper Authorization
2023-12-22 11:48:05
osv
osv
CVE-2023-48291
2023-12-21 10:15:36
BIT-airflow-2023-48291
2024-03-06 10:51:25
Apache Airflow vulnerable to Exposure of Resource to Wrong Sphere
2023-12-21 12:30:27
cvelist
cvelist
CVE-2023-48291 Apache Airflow: Improper access control to DAG resources
2023-12-21 09:30:46
nvd
nvd
CVE-2023-48291
2023-12-21 10:15:36
prion
prion
Security feature bypass
2023-12-21 10:15:00
cve
cve
CVE-2023-48291
2023-12-21 10:15:36
github
github
Apache Airflow vulnerable to Exposure of Resource to Wrong Sphere
2023-12-21 12:30:27