2 matches found
CVE-2026-43826 Apache Airflow Providers OpenSearch: OpenSearch task-log handler leaks credentials embedded in the host URL
The OpenSearch logging provider, when configured with a host URL that embeds credentials for example https://user:[email protected]:9200, wrote the full host URL — including the embedded credentials — into task logs. Any user with task-log read permission could harvest the backend...
Apache Airflow 日志信息泄露漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. The Apache Airflow OpenSearch Provider has a vulnerabilit...