CVE-2020-13927

Apache Airflow's Experimental API Authentication Bypass

The previous default setting for Airflow's Experimental API was to allow all API requests without authentication. Vendor/Product: Apache Airflow's Experimental API. Added to CISA KEV 2022-01-18; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2020-13927