The vulnerability of the software responsible for creating, monitoring, and orchestrating data processing scripts in Airflow is related to deficiencies in the deserialization mechanism. This allows attackers to replace the XCom data, thereby bypassing the protection provided by the “enable_xcom_pickling=False” configuration setting.
The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to replace the XCom data, thereby bypassing the protection provided b...