Описание
In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn't prevent an already authenticated user from being able to continue using the UI or API.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| airflow | itp | package |
Связанные уязвимости
CVSS3: 8.1
nvd
больше 3 лет назад
In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn't prevent an already authenticated user from being able to continue using the UI or API.
CVSS3: 8.1
github
больше 3 лет назад
Apache Airflow may allow authenticated users who have been deactivated to continue using the UI or API