{
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09"
      },
      "title": "Import Errors API Leaks Unauthorized DAG Stack Traces via Incomplete Per-File RBAC Enforcement",
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-285: Improper Authorization",
              "lang": "en",
              "cweId": "CWE-285",
              "type": "CWE"
            }
          ]
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "affected": [
        {
          "vendor": "Apache Software Foundation",
          "product": "Apache Airflow",
          "collectionURL": "https://pypi.python.org",
          "packageName": "apache-airflow",
          "versions": [
            {
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ],
          "defaultStatus": "unaffected"
        }
      ],
      "descriptions": [
        {
          "value": "The public Import Errors API can return unredacted stack traces from files containing DAGs the caller is not authorized to read. File-to-DAG resolution compares absolute paths against relative paths, so in real deployments it often returns an empty set and the single endpoint falls through to returning the raw error. The list endpoint also builds its per-file authorization decision from only the caller-visible subset of DAGs, so a file containing a mix of readable and unreadable DAGs passes the authorization check. Users with the `Op` permission for any DAG on a shared file can read import errors for files containing DAGs they cannot access, leaking stack traces, internal paths, and source-line context. A previously-shipped fix in `apache/airflow#65329` (merged 2026-04-16) was reverted by `apache/airflow#67465` (merged 2026-05-25) because the redact-when-no-readable-DAGs approach required a new dedicated permission with multi-team scoping that does not yet exist. Proper fix is being designed under `apache/airflow#67461` (open feature request). Apache Airflow 3.2.2 ships without a fix; users running deployments that rely on per-DAG authorization for import-error visibility should restrict access to the Import Errors API until the proper fix ships.",
          "lang": "en",
          "supportingMedia": [
            {
              "type": "text/html",
              "base64": false,
              "value": "The public Import Errors API can return unredacted stack traces from files containing DAGs the caller is not authorized to read. File-to-DAG resolution compares absolute paths against relative paths, so in real deployments it often returns an empty set and the single endpoint falls through to returning the raw error. The list endpoint also builds its per-file authorization decision from only the caller-visible subset of DAGs, so a file containing a mix of readable and unreadable DAGs passes the authorization check. Users with the `Op` permission for any DAG on a shared file can read import errors for files containing DAGs they cannot access, leaking stack traces, internal paths, and source-line context. A previously-shipped fix in `apache/airflow#65329` (merged 2026-04-16) was reverted by `apache/airflow#67465` (merged 2026-05-25) because the redact-when-no-readable-DAGs approach required a new dedicated permission with multi-team scoping that does not yet exist. Proper fix is being designed under `apache/airflow#67461` (open feature request). Apache Airflow 3.2.2 ships without a fix; users running deployments that rely on per-DAG authorization for import-error visibility should restrict access to the Import Errors API until the proper fix ships."
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://github.com/apache/airflow/pull/65329",
          "tags": [
            "patch"
          ]
        },
        {
          "url": "https://lists.apache.org/thread/24gfd127xkyx86bvvol1q8bvh53z029t",
          "tags": [
            "vendor-advisory"
          ]
        }
      ],
      "metrics": [
        {
          "other": {
            "type": "Textual description of severity",
            "content": {
              "text": "low"
            }
          }
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "se1en",
          "type": "finder"
        },
        {
          "lang": "en",
          "value": "Jarek Potiuk",
          "type": "remediation developer"
        }
      ],
      "x_generator": {
        "engine": "airflow-s/generate_cve_json.py"
      }
    }
  },
  "cveMetadata": {
    "cveId": "CVE-2026-40913",
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "serial": 1,
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}