You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@airflow.apache.org by Jarek Potiuk <po...@apache.org> on 2023/05/08 11:50:58 UTC

CVE-2023-25754: Apache Airflow: Privilege escalation using airflow logs

Severity: moderate

Affected versions:

- Apache Airflow before 2.6.0

Description:

Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.6.0.

Credit:

ksw9722@naver.com (finder)

References:

https://github.com/apache/airflow/pull/29506
https://airflow.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-25754


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@airflow.apache.org
For additional commands, e-mail: users-help@airflow.apache.org