Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-66388

Опубликовано: 15 дек. 2025
Источник: debian
EPSS Низкий

Описание

A vulnerability in Apache Airflow allowed authenticated UI users to view secret values in rendered templates due to secrets not being properly redacted, potentially exposing secrets to users without the appropriate authorization. Users are recommended to upgrade to version 3.1.4, which fixes this issue.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
airflowitppackage

EPSS

Процентиль: 9%
0.00034
Низкий

Связанные уязвимости

nvd логотип

CVE-2025-66388

CVSS3: 6.5
nvd
около 2 месяцев назад

A vulnerability in Apache Airflow allowed authenticated UI users to view secret values in rendered templates due to secrets not being properly redacted, potentially exposing secrets to users without the appropriate authorization. Users are recommended to upgrade to version 3.1.4, which fixes this issue.

github логотип

GHSA-fv47-pqh6-wxgq

CVSS3: 6.5
github
около 2 месяцев назад

Apache Airflow exposes secret values to authenticated UI users via rendered templates

EPSS

Процентиль: 9%
0.00034
Низкий