In Apache Airflow’s milestone 3.0 release, the development team introduced a “write-only” model that restricts sensitive Connection fields, such as passwords, tokens, and private keys, to users with Connection Editing privileges. Unfortunately, in version 3.0.3, this access control model was inadvertently bypassed, allowing any user with READ permissions to retrieve confidential data via both the […] The post Apache Airflow Bug Leaks Sensitive Details to Users with Read-Only Access ap...
