Apache Airflow, versions before 2.7.3, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs.  This is a different issue than CVE-2023-42663 but leading to similar outcome.
Users of Apache Airflow are advised to upgrade to version 2.7.3 or newer to mitigate the risk associated with this vulnerability.

References

• https://nvd.nist.gov/vuln/detail/CVE-2023-42781
• apache/airflow#34939
• https://lists.apache.org/thread/7dnl8nszdxqyns57f3dw0sloy5dfl9o1
• http://www.openwall.com/lists/oss-security/2023/11/12/2
• apache/airflow@33ec729
• https://github.com/pypa/advisory-database/tree/main/vulns/apache-airflow/PYSEC-2023-231.yaml