Timon8 Zhang

**Name of the Vulnerable Software and Affected Versions** Apache Airflow versions prior to 2.8.1 **Description** The issue is related to a lack of authorization in Apache Airflow, allowing an authenticated user to access the source code of a DAG they do not have access to. This issue is considered low severity as it requires an authenticated user to exploit it. **Recommendations** For Apache Airflow versions prior to 2.8.1, upgrade to version 2.8.1 to fix the issue. As a temporary workaround, consider restricting access to sensitive DAGs until the upgrade is applied.