Hussein Awala

**Name of the Vulnerable Software and Affected Versions** Apache Airflow versions prior to 2.8.1 **Description** The issue is related to the deserialization mechanism in Apache Airflow, allowing a potential attacker to poison the XCom data by bypassing the protection of the `enable xcom pickling=False` configuration setting, resulting in poisoned data after XCom deserialization. This issue is considered low severity as it requires a DAG author to exploit it. **Recommendations** To resolve the issue, users are recommended to upgrade to version 2.8.1 or later, which fixes this issue. As a temporary workaround, consider disabling the `enable xcom pickling` setting until a patch is available. Restrict access to the XCom data to minimize the risk of exploitation. Avoid using the `enable xcom pickling=False` configuration setting in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Airflow versions 5.2.0 through 6.x Airflow versions 2.3.0 through 2.6.0 **Description** The Airflow worker serializes a Kubernetes configuration file as a dictionary and sends it to the triggerer by storing it in metadata without any encryption when using deferrable mode. This allows anyone with access to the metadata or triggerer log to obtain the configuration file and use it to access the Kubernetes cluster. The configuration dictionary will be logged as plain text in the triggerer service without masking for Airflow versions between 2.3.0 and 2.6.0. **Recommendations** For Airflow versions 5.2.0 through 6.x, upgrade to version 7.0.0 to fix the issue. For Airflow versions 2.3.0 through 2.6.0, upgrade to version 7.0.0 to fix the issue and prevent logging of the configuration dictionary in plain text. As a temporary workaround, consider restricting access to the metadata and triggerer logs to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apache Airflow versions prior to 2.7.3 **Description** The issue is related to insufficient protection of internal data in Apache Airflow, allowing an authorized user with limited access to read specific DAGs to also read information about task instances in other DAGs. This can lead to unauthorized access to protected information. **Recommendations** For Apache Airflow versions prior to 2.7.3, upgrade to version 2.7.3 or newer to mitigate the risk associated with this issue.

**Name of the Vulnerable Software and Affected Versions** Apache Airflow versions 2.7.0 through 2.7.1 **Description** The issue allows an authenticated user to retrieve sensitive configuration information when the `expose config` option is set to "non-sensitive-only". The `expose config` option is False by default. Approximately 39,118 devices may be affected. **Recommendations** For Apache Airflow versions 2.7.0 and 2.7.1, it is recommended to upgrade to a version that is not affected. As a temporary workaround, consider setting the `expose config` option to False to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apache Airflow versions prior to 2.7.2 **Description** The issue allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs, revealing the `dag ids` and the stack-traces of import errors for those DAGs with import errors. **Recommendations** For Apache Airflow versions prior to 2.7.2, upgrade to version 2.7.2 or newer to mitigate the risk associated with this issue.