apache-airflow uses an insecure default secret key. A default value for secret_key
is set prior to creation of the application, allowing any user to gain unauthorized access to the application if the default secret key is not changed.
CPE | Name | Operator | Version |
---|---|---|---|
apache-airflow | le | 1.10.13 | |
apache-airflow | le | 1.10.13 |