Описание
API users via `/api/v2/dagReports` could perform Dag code execution in the context of the api-server if the api-server was deployed in the environment where Dag files were available.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| airflow | itp | package |
EPSS
Процентиль: 38%
0.00166
Низкий
Связанные уязвимости
CVSS3: 5.4
nvd
13 дней назад
API users via `/api/v2/dagReports` could perform Dag code execution in the context of the api-server if the api-server was deployed in the environment where Dag files were available.
CVSS3: 5.4
github
13 дней назад
Apache Airflow `/api/v2/dagReports` executes DAG Python in API
EPSS
Процентиль: 38%
0.00166
Низкий