Lucene search
K

4 matches found

OSV
OSV
added 2026/04/16 11:37 p.m.6 views

BIT-AIRFLOW-2025-66236 Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI

Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Some assumptions the Deployment Manager could make were not clear or explicit enough, even though...

7.5CVSS5.7AI score0.00439EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/13 2:20 p.m.26 views

CVE-2025-66236 Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI

Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Some assumptions the Deployment Manager could make were not clear or explicit enough, even though...

0.00439EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/13 2:20 p.m.4 views

CVE-2025-66236 Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI

Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Some assumptions the Deployment Manager could make were not clear or explicit enough, even though...

5.8AI score0.00439EPSS
Exploits0References2
Hacker One
Hacker One
added 2024/11/07 8:50 a.m.70 views

Internet Bug Bounty: Apache Airflow: Sensitive Information Exposure in DAG Run Logs

The Apache Airflow platform was vulnerable to sensitive information exposure in DAG run logs. Passwords, secrets, and the Fernet key were logged in plain text, which could have resulted in the disclosure of this sensitive information to unauthorized users...

7.5CVSS6.2AI score0.01295EPSS
Exploits0
Rows per page
Query Builder