3 matches found
abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +136 more potentially affected by CVE-2022-46651 via apache-airflow (>=1.8.2 <=2.5.3)
apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =1.10.6 - airflow-cyberark-secrets-backend =0.1.0 and more Source cves: CVE-2022-46651 Source advisory: OSV:GHSA-XVW9-3MHM-XJQQ...
CVE-2022-46651 Apache Airflow: Security vulnerability on AirFlow Connections
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an unauthorized actor to gain access to sensitive information in Connection edit view. This vulnerability is considered low since it requires someone with access to Connection resources specifically updating the...
CVE-2022-46651
Apache Airflow (versions before 2.6.3) is affected by an information-disclosure vulnerability in the Connection edit view. An unauthorized actor with access to Connection resources could potentially view sensitive data when updating a connection. Remediation: upgrade to Airflow 2.6.3 or later, wh...