Описание
Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| airflow | itp | package |
EPSS
Процентиль: 87%
0.03417
Низкий
Связанные уязвимости
CVSS3: 5.4
nvd
больше 1 года назад
Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue.
CVSS3: 5.4
github
больше 1 года назад
Apache Airflow: XSS vulnerability in Task Instance Log/Log Details
EPSS
Процентиль: 87%
0.03417
Низкий