Lucene search
PRIOn knowledge basePRION:CVE-2023-42780HistoryOct 14, 2023 - 10:15 a.m.
Design/Logic Flaw
2023-10-1410:15:00
PRIOn knowledge base
www.prio-n.com
4
apache airflow
security vulnerability
unauthorized access
dag warnings
upgrade
nvd
Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs. It would reveal the dag_ids and the stack-traces of import errors for those DAGs with import errors.
Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.
Related
cve
cve
CVE-2023-42780
2023-10-14 10:15:10
cnvd
cnvd
Apache Airflow Information Disclosure Vulnerability (CNVD-2023-85612)
2023-10-17 00:00:00
osv
osv
BIT-airflow-2023-42780
2024-03-06 10:52:56
BIT-2023-42780
2023-10-19 06:17:29
cvelist
cvelist
nvd
nvd
CVE-2023-42780
2023-10-14 10:15:10
github
github
hackerone
hackerone
veracode
veracode
Information Disclosure
2023-10-16 07:44:11