Safety vulnerability ID: 74262
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Affected versions of Apache Airflow are vulnerable to Exposure of Sensitive Information (CWE-201). This vulnerability allows authenticated users with audit log access to view sensitive configuration variables in task logs when those variables are set via the CLI. The attack vector involves executing CLI commands that store sensitive variables unencrypted in audit logs within cli.py, enabling unauthorized access to critical data. To mitigate, upgrade to an Airflow version that masks secrets in task logs, preventing the exposure of sensitive configuration data. Additionally, users should manually delete any previously logged secret variables from the log table.
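The cleanup step above, as an added example that is not part of the advisory or of Airflow's own code: it lists the names (never the values) of variables found in audit rows, then deletes those rows. The table layout, the event name `cli_variables_set`, the shape of the `extra` column and the in-memory SQLite sample data are assumptions; check them against your metadata database before running anything similar.

```python
import ast
import json
import sqlite3

# Assumptions (not from the advisory): audit rows live in a table named "log" with
# "event" and "extra" columns, CLI calls are recorded as event "cli_variables_set",
# and "extra" is JSON whose "full_command" holds the argv list as a string.
EVENT = "cli_variables_set"


def exposed_variable_names(conn):
    """Return sorted names of variables whose values were logged, never the values."""
    names = set()
    for (extra,) in conn.execute("SELECT extra FROM log WHERE event = ?", (EVENT,)):
        try:
            argv = json.loads(extra or "{}").get("full_command", [])
            if isinstance(argv, str):
                argv = ast.literal_eval(argv)
            rest = argv[argv.index("set") + 1:]
            # First non-flag token after "set" is taken as the variable name.
            names.add(next(a for a in rest if not str(a).startswith("-")))
        except (ValueError, SyntaxError, AttributeError, TypeError, StopIteration):
            names.add("<unparsed row>")
    return sorted(names)


def purge_variable_set_rows(conn):
    """Delete the matching audit rows in one transaction; return rows removed."""
    with conn:
        return conn.execute("DELETE FROM log WHERE event = ?", (EVENT,)).rowcount


def build_sample_db():
    """Constructed sample data standing in for the metadata database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE log (id INTEGER PRIMARY KEY, event TEXT, owner TEXT, extra TEXT)")
    rows = [
        ("cli_variables_set", "alice", json.dumps(
            {"full_command": "['airflow', 'variables', 'set', 'db_password', 'CONSTRUCTED-VALUE']"})),
        ("cli_variables_set", "bob", "not json"),
        ("cli_dags_list", "alice", json.dumps({"full_command": "['airflow', 'dags', 'list']"})),
    ]
    conn.executemany("INSERT INTO log (event, owner, extra) VALUES (?, ?, ?)", rows)
    return conn


if __name__ == "__main__":
    db = build_sample_db()
    print(exposed_variable_names(db), purge_variable_set_rows(db))
```

Run the listing step first and record the names, since the delete removes the only record of which variables were logged.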
Latest version: 2.10.4
Programmatically author, schedule and monitor data pipelines