Apache Airflow, versions prior to 2.6.3, is affected by a vulnerability that allows an malicious user to perform unauthorized file access outside the intended directory structure by manipulating the run_id parameter. This vulnerability is considered low since it requires an authenticated user to exploit it. It is recommended to upgrade to a version that is not affected
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache airflow |