CVE-2025-62503 | Apache Airflow up to 3.1.0 API /api/v2/dagReports unnecessary privileges

Inserito da Angelo Barbosa | Ott 30, 2025 | CVE

A vulnerability has been found in Apache Airflow up to 3.1.0 and classified as critical. Affected is an unknown function of the file /api/v2/dagReports of the component API. This manipulation causes execution with unnecessary privileges.

This vulnerability is handled as CVE-2025-62503. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2025-62503 | Apache Airflow up to 3.1.0 API /api/v2/dagReports unnecessary privileges

Post correlati

CVE-2024-56339 | IBM WebSphere Application Server trusting http permission methods on the server side

CVE-2024-40089 | Vilo Mesh WiFi System up to 5.16.1.33 Device Name command injection

CVE-2024-21780 | KDDI Home Spot Cube2 up to 102 Command stack-based overflow

CVE-2024-7900 | xiaohe4966 TpMeCMS 1.3.3.2 Basic Configuration config cross site scripting