Apache Airflow, versions before 2.8.0, is affected by a vulnerability that allows an authenticated user without the variable edit permission, to update a variable.
This flaw compromises the integrity of variable management, potentially leading to unauthorized data modification.
Users are recommended to upgrade to 2.8.0, which fixes this issue

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Apache Software Foundation

Apache Airflow

Affected Versions:

References

https://github.com/apache/airflow/pull/33932

https://lists.apache.org/thread/rs7cr3yp726mb89s1m844hy9pq7frgcn

http://www.openwall.com/lists/oss-security/2023/12/21/4

Published: 2023-12-21T09:28:47.746Z

Last Modified: 2025-02-13T17:19:40.647Z

Copied to clipboard!