Apache Update
1744Warning Date
Severity Level
Warning Number
Target Sector
15 December, 2020
● High
2020-2195
All
Description:
Apache has released security update to address two vulnerabilities in the following product:
- Apache Airflow
- Versions earlier than 1.10.13
Threats:
When creating a user using airflow CLI the password gets logged in plain text in the Log table in Airflow Metadatase
Best practice and Recommendations:
The CERT team encourages users to review Apache security advisory and apply the necessary update: