Safety vulnerability ID: 71685
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Affected versions of Apache Airflow are vulnerable to an improper preservation of permissions vulnerability. This issue causes the local file task handler to incorrectly set write permissions on all parent folders of the log directory, potentially exposing sensitive directories and disrupting SSH operations when logs reside in home directories. The attack vector exploits misconfigured permission settings in non-containerized deployments, especially when running as root with a restrictive umask. Mitigation involves upgrading to Apache Airflow 2.8.4, using a non-root user, or changing the file_task_handler_new_folder_permissions configuration to 0o755.
Latest version: 2.10.5
Programmatically author, schedule and monitor data pipelines
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application