Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated malicious user to inject malicious data into the task instance logs.
Users are recommended to upgrade to version 2.9.1, which fixes this issue.
Severity: moderate
Affected versions:
- Apache Airflow 290 before 291
Description:
Apache Airflow version 290 has a vulnerability that allows an authenticated attacker to inject malicious data into
the task instance logs
Users are recommended to upgrade to version 291, which fixes this issue
Credit:
Ming (finder)
Jens Scheffl ...