CNNVD-202506-3061 Information
CNNVD ID
CNNVD-202506-3061
Related CVE
- CNNVD Published: 2025-06-24
Description (Chinese)
Apache Airflow是美国阿帕奇(Apache)基金会的一套用于创建、管理和监控工作流程的开源平台。该平台具有可扩展和动态监控等特点。 Apache Airflow 6.4.0之前版本存在安全漏洞,该漏洞源于未清理特殊元素,可能导致SQL注入。
Description (English)
Apache Airflow is an open-source platform for creating, managing and monitoring work processes for the Apache Foundation in the United States. The platform has such characteristics as scalable and dynamic monitoring. There is a security loophole in the pre-Apache AirFlow 6.4.0, which originated from uncleaned special elements and could lead to the injection of SQL.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
阿帕奇
Published
2025-06-24
Last Modified
2026-02-24
References
https://github.com/apache/airflow/pull/51734 https://lists.apache.org/thread/2kqfmyt2pghg5f6797g8hzvq331v8qx3 https://access.redhat.com/security/cve/cve-2025-50213
Patch
https://airflow.apache.org/docs/apache-airflow/stable/start.html
Share on: