Lucene search
K

3 matches found

OSV
OSV
added 2024/01/24 1:15 p.m.20 views

CVE-2023-51702

Since version 5.2.0, when using deferrable mode with the path of a Kubernetes configuration file for authentication, the Airflow worker serializes this configuration file as a dictionary and sends it to the triggerer by storing it in metadata without any encryption. Additionally, if used with an...

6.5CVSS6.6AI score
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/01/24 12:56 p.m.10 views

CVE-2023-51702 Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service

Since version 5.2.0, when using deferrable mode with the path of a Kubernetes configuration file for authentication, the Airflow worker serializes this configuration file as a dictionary and sends it to the triggerer by storing it in metadata without any encryption. Additionally, if used with an...

6.9AI score0.00381EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/01/24 12:56 p.m.39 views

CVE-2023-51702 Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service

Since version 5.2.0, when using deferrable mode with the path of a Kubernetes configuration file for authentication, the Airflow worker serializes this configuration file as a dictionary and sends it to the triggerer by storing it in metadata without any encryption. Additionally, if used with an...

6.5AI score0.00381EPSS
Exploits0References5
Rows per page
Query Builder