Apache Airflow, versions before 2.8.0, is affected by a vulnerability that allows an authenticated user without the variable edit permission, to update a variable. This flaw compromises the integrity of variable management, potentially leading to unauthorized data modification. Users are recommended to upgrade to 2.8.0, which fixes this issue
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| apache-airflow(PyPI) | 0 | 2.8.0 | N/A |
CVSS Metrics
