In Apache Airflow package versions 2.8.2 to 2.8.4 a medium security vulnerability CVE-2024-29735 was detected. This vulnerability causes permission issues. The issue is resolved in Apache Airflow versions 2.8.4 or newer. A workaround is to avoid using the root user, upgrade to a newer version, or adjust permissions in the Airflow config file. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-29735.
Read more Data AnalyticsCritical security alert for Apache Airflow versions 2.8.2 to 2.8.3: flawed log directory permissions expose systems to potential compromise. Primarily impacting root-run setups, this issue could endanger the entire filesystem. Remedies include operating as a non-root user, upgrading to version 2.8.4 or later, tightening folder permissions, and conducting thorough access reviews. Prompt measures and adherence to security best practices are vital for safeguarding Airflow environments.
Read more Data Analytics