CVE-2020-17511: Cleartext Storage of Sensitive Information
(updated )
In Airflow, when creating a user using airflow CLI, the password gets logged in plain text in the Log table in Airflow Metadatase. This also occurrs when creating a Connection with a password field.
References
Detect and mitigate CVE-2020-17511 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →