Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/04/20 7:23 p.m.4 views

CVE-2026-32228

UI / API User with asset materialize permission could trigger dags they had no access to. Users are advised to migrate to Airflow version 3.2.0 that fixes the issue...

7.5CVSS5.8AI score0.00426EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/18 9:30 a.m.5 views

Apache Airflow allows users with asset materialize permissions to trigger DAGs outside of their permissions

UI / API User with asset materialize permission could trigger dags they had no access to. Users are advised to migrate to Airflow version 3.2.0 that fixes the issue...

7.5CVSS5.7AI score0.00426EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/18 6:19 a.m.4 views

CVE-2026-32228

UI / API User with asset materialize permission could trigger dags they had no access to. Users are advised to migrate to Airflow version 3.2.0 that fixes the issue...

5.7AI score0.00426EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/04/18 6:19 a.m.4 views

EUVD-2026-23664

UI / API User with asset materialize permission could trigger dags they had no access to. Users are advised to migrate to Airflow version 3.2.0 that fixes the issue...

5.7AI score0.00426EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/18 12:0 a.m.15 views

PT-2026-33594

Name of the Vulnerable Software and Affected Versions Airflow versions prior to 3.2.0 Description A user with asset materialize permission via the UI or API can trigger DAGs Directed Acyclic Graphs, which are collections of all the tasks you want to run, organized in a way that reflects their...

7.5CVSS5.8AI score0.00426EPSS
Exploits0References7
Rows per page
Query Builder