CNNVD-202510-4242 Information

CNNVD ID

CNNVD-202510-4242

Related CVE

CVE-2025-54941

• CNNVD Published: 2025-10-30

Description (Chinese)

Apache Airflow是美国阿帕奇（Apache）基金会的一套具有创建、管理和监控工作流程功能的开源平台。该平台具有可扩展和动态监控等特点。 Apache Airflow存在安全漏洞，该漏洞源于参数未经验证，可能导致重定向到恶意服务器并在工作节点上执行代码。

Description (English)

Apache Airflow is an open-source platform for the Apache Foundation in the United States with the function of creating, managing and monitoring workflows. The platform has such characteristics as scalable and dynamic monitoring. There is a security loophole in Apache Airflow, which stems from unverified parameters, which may lead to a redirection to a malicious server and the enforcement of codes on the working nodes.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

阿帕奇

Published

2025-10-30

Last Modified

2026-02-24

References

https://lists.apache.org/thread/c6q6nofc6xl5bms039ks9b34v0v36df1

Patch

https://lists.apache.org/thread/c6q6nofc6xl5bms039ks9b34v0v36df1