Question 1

What is CVE-2020-13927 — Apache Airflow's Experimental API Authentication Bypass?

Accepted Answer

The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.

Question 2

What is the authoritative source for CVE-2020-13927?

Accepted Answer

Apache Airflow's Experimental API Authentication Bypass (CVE-2020-13927) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVE-2020-13927Apache Airflow's Experimental API Authentication Bypass

Description

Scoring

CISA KEV entry

(incoming)1

Related by meaning· 6