Jed Cunningham

**Name of the Vulnerable Software and Affected Versions** Airflow versions prior to 3.2.1 **Description** The authenticated '/ui/dags' endpoint fails to enforce per-DAG access control on embedded Human-in-the-Loop (HITL) and TaskInstance records. This allows a logged-in user with read access to at least one DAG to retrieve HITL prompts, including their request parameters, and full TaskInstance details for DAGs outside their authorized scope. Since HITL prompts and TaskInstance fields often contain operator parameters and free-form context, this issue expands the visibility of DAG-run data beyond the intended Role-Based Access Control (RBAC) boundaries for all authenticated users. **Recommendations** Upgrade to version 3.2.1.

**Name of the Vulnerable Software and Affected Versions** Apache Airflow versions prior to 2.8.2 **Description** The issue allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI. This is related to the disclosure of information in the error data area. Exploitation of the issue may allow a remote attacker to access the source code of DAGs. **Recommendations** For Apache Airflow versions prior to 2.8.2, upgrade to version 2.8.2 or newer to mitigate the risk associated with this issue. As a temporary workaround, consider restricting access to the API and UI for authenticated users until a patch is available.