CVE-2023-42792

CVSS V2 None CVSS V3 None
Description
Apache Airflow, in versions prior to 2.7.2, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus, enabling the user to clear DAGs they shouldn't. Users of Apache Airflow are strongly advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.
Overview
  • CVE ID
  • CVE-2023-42792
  • Assigner
  • apache
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-10-14T09:47:07.741Z
  • Last Modified Date
  • 2023-10-14T09:47:07.741Z
History
Created Old Value New Value Data Type Notes
2024-06-25 13:34:46 Added to TrackCVE