Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/02/10 1:23 p.m.3 views

CVE-2026-24098

Apache Airflow versions 3.0.0 - 3.1.7, has vulnerability that allows authenticated UI users with permission to one or more specific Dags to view import errors generated by other Dags they did not have access to. Users are advised to upgrade to 3.1.7 or later, which resolves this issue...

6.5CVSS5.8AI score0.00739EPSS
Exploits0References1
NVD
NVD
added 2026/02/09 11:16 a.m.12 views

CVE-2026-24098

Apache Airflow versions 3.0.0 - 3.1.7, has vulnerability that allows authenticated UI users with permission to one or more specific Dags to view import errors generated by other Dags they did not have access to. Users are advised to upgrade to 3.1.7 or later, which resolves this issue...

6.5CVSS0.00739EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/09 10:32 a.m.2 views

CVE-2026-24098 Apache Airflow: Assigning single DAG permission leaked all DAGs Import Errors

Apache Airflow versions 3.0.0 - 3.1.7, has vulnerability that allows authenticated UI users with permission to one or more specific Dags to view import errors generated by other Dags they did not have access to. Users are advised to upgrade to 3.1.7 or later, which resolves this issue...

5.8AI score0.00739EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/11/12 1:14 p.m.19 views

CVE-2023-42781 Apache Airflow: Permission verification bypass allows viewing dagruns of other dags

Apache Airflow, versions before 2.7.3, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. This is a different issue than CVE-2023-42663 but leading to similar outcome. Users of Apache Airflow are...

6.4AI score0.01657EPSS
Exploits0References3
PyPA
PyPA
added 2023/10/14 10:15 a.m.5 views

PYSEC-2023-197

Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs.Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with...

6.5CVSS6.6AI score0.01551EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/10/14 12:0 a.m.9 views

Apache Airflow 信息泄露漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. Apache Airflow suffers from an information disclosure vulnerability that can be...

6.5CVSS6AI score0.01551EPSS
Exploits0References4
Rows per page
Query Builder