Untriaged
Apache Airflow: XSS vulnerability in Task Instance Log/Log Details
Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue.
Affected products
airflow
- ==2.9.0
apache-airflow
- <2.9.1
Matching in nixpkgs
pkgs.apache-airflow
Programmatically author, schedule and monitor data pipelines
-
nixos-unstable -
- nixpkgs-unstable 2.7.3
Package maintainers
-
@bhipple Benjamin Hipple <bhipple@protonmail.com>
-
@ingenieroariel Ariel Nunez <ariel@nunez.co>
-
@gbpdt Graham Bennett <nix@pdtpartners.com>