GHSA-gprj-xvq8-w53q
Severity by source
AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
5Blast Radius
ecosystem impact- 4 pypi packages depend on apache-airflow (2 direct, 2 indirect)
Ecosystem-wide dependent count for version 3.0.0.
Description PRE-NVD
AnalysisAI
DAG authorization bypass in Apache Airflow 3.0.0-3.2.1 allows authenticated low-privileged users to enumerate DAG structure and cross-DAG dependency topology for DAGs they are not authorized to view, by querying the /ui/structure/structure_data endpoint without proper RBAC enforcement. The endpoint returned external dependency nodes and edges without applying the ReadableDagsFilterDep authorization filter, crossing per-DAG RBAC boundaries. No public exploit exists and EPSS is 0.01% (4th percentile); impact is confined to confidentiality of workflow topology in multi-tenant or fine-grained RBAC deployments.
Technical ContextAI
Apache Airflow's FastAPI-based UI backend exposes /ui/structure/structure_data (implemented in airflow-core/src/airflow/api_fastapi/core_api/routes/ui/structure.py) to render DAG dependency graphs, including cross-DAG relationships via external triggers when external_dependencies=True is passed. The RBAC framework uses requires_access_dag and ReadableDagsFilterDep to restrict which DAGs an authenticated caller may access. CWE-285 (Improper Authorization) identifies the root cause: the handler accepted and returned external dependency data - both DAG dependency nodes and dependency edge targets - without checking whether those referenced DAG IDs appeared in the caller's authorized readable set. The GitHub PR #65342 fix injects ReadableDagsFilterDep, materializes readable_dag_ids, and skips any dependency or edge whose target DAG ID falls outside the authorized set before constructing the response payload.
RemediationAI
Upgrade to Apache Airflow 3.2.2 or later, which incorporates the fix from GitHub pull request #65342 adding ReadableDagsFilterDep enforcement to the structure_data endpoint. The vendor advisory thread is available at https://lists.apache.org/thread/s907bhsksc37m59f0loqjcp1ryobrr60. If an immediate upgrade is not possible, restrict network-level access to the Airflow webserver UI to only explicitly trusted, internally managed user accounts - this does not eliminate the vulnerability but reduces the attacker pool to already-authenticated insiders, consistent with the low EPSS. Additionally, audit current DAG-level RBAC assignments: if no users are subject to per-DAG read restrictions (i.e., all authenticated users have global DAG access), the practical impact of this vulnerability is negligible and the deployment is not meaningfully exposed until the patch can be applied.
More in Open Redirect
View allA malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL ca
GFI Kerio Control versions 9.2.5 through 9.4.5 contain an HTTP response splitting vulnerability in the dest parameter of
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect
Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to
Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and earlier for WordPress allows
Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 b
Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (li
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3
Flarum is open source discussion platform software. Rated medium severity (CVSS 6.5), this vulnerability is remotely exp
Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites
Open redirect vulnerability in the Redirect function in stageshow_redirect.php in the StageShow plugin before 5.0.9 for
Nteract v.0.28.0 was discovered to contain a remote code execution (RCE) vulnerability via the Markdown link. Rated crit
Same weakness CWE-285 – Improper Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-33596