CVE-2024-28746: Apache Airflow: Ignored Airflow Permissions

CVE-2024-28746: Apache Airflow: Ignored Airflow Permissions

Open Source Security [[{„value“:“

Posted by Ephraim Anierobi on Mar 13

Severity: moderate

Affected versions:

– Apache Airflow 2.8.0 before 2.8.3

Description:

Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited
permissions to access resources such as variables, connections, etc from the UI which they do not have permission to
access. 

Users of Apache Airflow are recommended to upgrade to version 2.8.3 or newer to mitigate the risk associated with…
„}]] Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert