You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2022/12/26 10:00:57 UTC
[GitHub] [airflow] Vishal2696 opened a new issue, #28591: Security Vulnerability: Airflow using netcat tool. Is it possible to consume airflow without netcat?
Vishal2696 opened a new issue, #28591:
URL: https://github.com/apache/airflow/issues/28591
### Apache Airflow version
Other Airflow 2 version (please specify below)
### What happened
**Deployment Platform:** Kubernetes
**Airflow Version:** 2.2.3
**Executor:** Celery
**Using Redis:** Yes (Redis running as separate pod)
**Metadata Db:** Azure Postgres DB (PAAS)
Hi team,
I was informed by my organization's security team that Airflow is using "netcat" tool and added that the tool increases the capabilities of a potential attacker who is trying to "live off the land".
Are the airflow maintainers already aware of this? As an end-user is it possible for me to consume an official airflow image that does not have netcat?
### What you think should happen instead
_No response_
### How to reproduce
_No response_
### Operating System
Linux
### Versions of Apache Airflow Providers
_No response_
### Deployment
Other Docker-based deployment
### Deployment details
_No response_
### Anything else
_No response_
### Are you willing to submit PR?
- [ ] Yes I am willing to submit a PR!
### Code of Conduct
- [X] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@airflow.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [airflow] uranusjr closed issue #28591: Security Vulnerability: Airflow using netcat tool. Is it possible to consume airflow without netcat?
Posted by GitBox <gi...@apache.org>.
uranusjr closed issue #28591: Security Vulnerability: Airflow using netcat tool. Is it possible to consume airflow without netcat?
URL: https://github.com/apache/airflow/issues/28591
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@airflow.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org