Apache Airflow Vulnerabilities
Apache Apache Airflow vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Insufficient Session Expiration in Apache Airflow Fab Provider
CVE-2024-45033ApacheApache Airflow Fab Pro...8.1HIGHAirflow Versions Before 2.10.3 Vulnerable to Logging Sensitive Configuration Variables
CVE-2024-45784ApacheApache AirflowAirflow Versions Before 2.10.3 Have a Vulnerability That Allows Unauthorized Access to Sensitive Data
CVE-2024-50378ApacheApache AirflowAirflow Vulnerability: DAG Authors Can Execute Code During Scheduling
CVE-2024-45034ApacheApache AirflowArbitrary Command Execution Vulnerability in Airflow
CVE-2024-45498ApacheApache AirflowApache Airflow Vulnerability: Cross-Site Scripting Attack
CVE-2024-41937ApacheApache Airflow6.1MEDIUMInsufficient Session Expiration Vulnerability in Apache Airflow Providers FAB
CVE-2024-42447ApacheApache Airflow Provide...9.8CRITICALArbitrary Code Execution Vulnerability in Apache Airflow
CVE-2024-39877ApacheApache Airflowπ°8.8HIGHAirflow Update: Security Vulnerability Affects Versions Before 2.9.3
CVE-2024-39863ApacheApache Airflow5.4MEDIUMWeb Browser Cache Containing Sensitive Information vulnerability in Apache Airflow
CVE-2024-25142ApacheApache Airflow5.5MEDIUMAirflow 2.9.0 Vulnerability: Malicious Log Injection Risk
CVE-2024-32077ApacheApache Airflow5.4MEDIUMImproper Certificate Validation vulnerability in Apache Airflow FTP Provider
CVE-2024-29733ApacheApache Airflow Ftp Pro...Airflow Versions 2.7.0 through 2.8.4 Vulnerability: Authenticated User Can Access Sensitive Provider Configuration
CVE-2024-31869ApacheApache AirflowImproper Preservation of Permissions vulnerability in Apache Airflow
CVE-2024-29735ApacheApache AirflowApache Airflow Vulnerability Allows Unauthorized Access to Sensitive Data
CVE-2024-28746ApacheApache Airflow8.1HIGHAirflow Vulnerability: Unauthorized Access to Audit Logs
CVE-2024-26280ApacheApache AirflowApache Airflow Vulnerability Affects DAG Code and Import Errors
CVE-2024-27906ApacheApache AirflowMongo Hook Fixes Unexpected SSL Validation Issue
CVE-2024-25141ApacheApache Airflow Mongo P...Apache Airflow: Bypass permission verification to read code of other dags
CVE-2023-50944ApacheApache Airflow6.5MEDIUMApache Airflow: Potential pickle deserialization vulnerability in XComs
CVE-2023-50943ApacheApache Airflow7.5HIGHApache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service
CVE-2023-51702ApacheApache Airflow Cncf Ku...6.5MEDIUMApache Airflow: DAG Params alllow to embed unchecked Javascript
CVE-2023-47265ApacheApache Airflow5.4MEDIUMApache Airflow: Improper access control vulnerability on the "varimport" endpoint
CVE-2023-50783ApacheApache Airflow6.5MEDIUMApache Airflow: Improper access control to DAG resources
CVE-2023-48291ApacheApache Airflow4.3MEDIUMApache Airflow: Missing CSRF protection on DAG/trigger
CVE-2023-49920ApacheApache Airflow6.5MEDIUM