CVE-2023-42663: Apache Airflow: Bypass permission verification to view task instances of other dags
Posted: Sat Nov 02, 2024 9:20 am
The vulnerability "CVE-2023-42663: Apache Airflow: Bypass permission verification to view task instances of other DAGs" allows unauthorized users to bypass access controls and view task details across different DAGs. This can lead to unauthorized data access and potential exposure of sensitive information within Apache Airflow workflows.
https://hackerone.com/reports/2208656
https://hackerone.com/reports/2208656