oss-sec mailing list archives
CVE-2023-25754: Apache Airflow: Privilege escalation using airflow logs
From: Jarek Potiuk <potiuk () apache org>
Date: Mon, 08 May 2023 11:50:58 +0000
Severity: moderate Affected versions: - Apache Airflow before 2.6.0 Description: Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.6.0. Credit: ksw9722 () naver com (finder) References: https://github.com/apache/airflow/pull/29506 https://airflow.apache.org/ https://www.cve.org/CVERecord?id=CVE-2023-25754
Current thread:
- CVE-2023-25754: Apache Airflow: Privilege escalation using airflow logs Jarek Potiuk (May 08)