Lucene search
ApacheVULNRICHMENT:CVE-2023-50944HistoryJan 24, 2024 - 12:58 p.m.
CVE-2023-50944 Apache Airflow: Bypass permission verification to read code of other dags
2024-01-2412:58:18
CWE-862
apache
github.com
2
apache airflow
vulnerability
authenticated user
unauthorized dags
version 2.8.1 fix
Apache Airflow, versions before 2.8.1, have a vulnerability that allows an authenticated user to access the source code of a DAG to which they donβt have access.Β This vulnerability is considered low since it requires an authenticated user to exploit it. Users are recommended to upgrade to version 2.8.1, which fixes this issue.
Related
osv
osv
Apache Airflow: Bypass permission verification to read code of other dags
2024-01-24 15:30:30
BIT-airflow-2023-50944
2024-03-06 10:50:38
PYSEC-2024-14
2024-01-24 13:15:00
cvelist
cvelist
github
github
Apache Airflow: Bypass permission verification to read code of other dags
2024-01-24 15:30:30
prion
prion
Code injection
2024-01-24 13:15:00
nvd
nvd
CVE-2023-50944
2024-01-24 13:15:08
veracode
veracode
Improper Authorization
2024-01-25 12:22:46
cve
cve
CVE-2023-50944
2024-01-24 13:15:08
AI Score
6.4
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-50944