Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2026-22922

Опубликовано: 09 фев. 2026
Источник: debian
EPSS Низкий

Описание

Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log access. Users are recommended to upgrade to Apache Airflow 3.1.7 or later, which resolves this issue.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
airflowitppackage

Примечания

  • https://www.openwall.com/lists/oss-security/2026/02/09/2

EPSS

Процентиль: 13%
0.00043
Низкий

Связанные уязвимости

nvd логотип

CVE-2026-22922

CVSS3: 6.5
nvd
около 2 месяцев назад

Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log access. Users are recommended to upgrade to Apache Airflow 3.1.7 or later, which resolves this issue.

github логотип

GHSA-pm44-x5x7-24c4

CVSS3: 6.5
github
около 2 месяцев назад

Apache Airflow Has an Authorization Bypass That Allows Unauthorized Task Log Access

EPSS

Процентиль: 13%
0.00043
Низкий