A number of HTTP endpoints in the Airflow webserver (both RBAC and classic) did not have adequate protection and were vulnerable to cross-site request forgery attacks.
Source: NIST
CVE-2019-0229 (airflow)
Security in mind
A number of HTTP endpoints in the Airflow webserver (both RBAC and classic) did not have adequate protection and were vulnerable to cross-site request forgery attacks.
Source: NIST
CVE-2019-0229 (airflow)