Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi apache-airflow Security Advisories
Loading...
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN4eHYtcDc4ci00ZmM2
Cross-site Scripting in apache-airflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS1ybWYyLXB3ZnEtaDc1as4AAwAD
OS Command Injection in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS1yZzk0LTg0eGotN2dxM84AAv3Z
Apache Airflow vulnerable to Open RedirectEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhoeDktcDY5di1jeDJq
Authentication bypass in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS02cHczLThoOXctMzJnY84AAv2i
Apache Airflow vulnerable to OS Command Injection via example DAGsEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS1mdncyLTJwZjctNzd2d84AAv2h
Apache Airflow subject to Exposure of Sensitive InformationEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS01cnA0LTc0OXAtdngyNs4AAu_Y
Apache Airflow vulnerable to Use of Externally-Controlled Format StringEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS00Zmc1LWo0bW0td2ZwZ84AAu_X
Apache Airflow vulnerable to open redirectEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS1oODhmLXI3Y3ctOGZ2M84AAp4C
Missing Authentication for Critical Function in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS01ZmY4LTc2MzktNnY2Z84AAum7
Apache Airflow Session Fixation vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 9 months ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2bXEtNHg2Ni1xN2oz
Remote code execution in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 3 years ago
Critical
Ecosystems: pypi
Packages: apache-airflow-providers-mysql, apache-airflow
Source: GitHub Advisory Database
Published: 5 months ago
GSA_kwCzR0hTQS1jNzMyLXh2djgtZzk0Y84AAxHL
Command Injection in Apache Airflow and Apache Airflow MySQL ProviderEcosystems: pypi
Packages: apache-airflow-providers-mysql, apache-airflow
Source: GitHub Advisory Database
Published: 5 months ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2ajQtM2doMi05ZjVq
High severity vulnerability that affects apache-airflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 4 years ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThwN3YtMmp2ai12NTRy
Moderate severity vulnerability that affects apache-airflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 4 years ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk5Y3YtOGN2di02NjZj
High severity vulnerability that affects apache-airflow in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 4 years ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS0zdjdnLTRwZzMtN3I2as0vDg
OS Command injection in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS00amgyLTNjODUtcTY3aM0llQ
Improper Privilege Management in apache-airflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS12Y2Y2LTN3djItNXZjcs4AAzHH
Apache Airflow vulnerable to stored Cross-site ScriptingEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02aDItang5di01OHc2
Missing Authorization in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1qY2htLWZtNHEtYzJmcM4AAzHG
Apache Airflow vulnerable to Privilege Context Switching ErrorEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2dnAteDNwci03OXJ4
Apache Airflow Cross-site scripting due to incomplete fix for CVE-2020-13944Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZyM3AtZmN2bS14aDdj
SSRF vulnerability in Arache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 2 years ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN2Y3EtZ21jMy1xNm04
Plain text storage of passwords in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 2 years ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozOGMtMjVmai1tcjg0
Stored XSS in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 3 years ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0cDMtcXc1Yy1taHBj
Multiple stored XSS in RBAC Admin screens in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 3 years ago
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlnMnctNWYzdi1tZm1t
Insecure default config of Celery worker in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 3 years ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS02NXh3LXBjcXctaGpyaM0vEA
Cross site scripting in apache airflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJqdmctcTU3di1tampj
XSS in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 3 years ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3cmMteDg0cS1wdjRm
Improper Certificate Validation in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 4 years ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4d3YtcmpybS01NzZw
Cross-Site Request Forgery (CSRF) in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 4 years ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmZzQtajU2Mi1tanJj
Improper Input Validation in Apache Airflow resulting in Remote Code ExecutionEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoMzctY3g4My1xNTQy
Improper Authentication in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS1oNjNyLTl4eGYtZjJjN84AAvr2
Apache Airflow Cross-site Scripting vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS1mOWZxLTc4Y2gtNHdtas4AAvr3
Apache Airflow Open Redirect vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 3 months ago
GSA_kwCzR0hTQS1oNmc1LXdxcXItM213M84AAyIE
Sensitive Information in Error Messages in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 3 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZmdzMtNm1wNi1qbXZq
Improper Access Control in AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRwd3EtZmo4OS02cmpj
Apache Airflow Cross-site ScriptingEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS00NXI2LWozY2MtNm14eM4AAwAC
OS Command Injection in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS1xOGg5LXBxY3gtNTlod84AAunZ
Apache Airflow exposes arbitrary file contentEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEzcDQtZ3c3ci13cWpj
A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page viewsEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 3 years ago
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlncWctM2Z4ci05aHY3
Cross site scripting in apache-airflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: over 4 years ago
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk3NnItcWZqai1jMjR3
Command injection via Celery broker in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: almost 3 years ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdteDUteDM3Mi14aDg3
Incorrect Session Validation in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 8 months ago
GSA_kwCzR0hTQS0zcThyLWYzcGotM2djNM4AAvNL
Apache Airflow may allow authenticated users who have been deactivated to continue using the UI or APIEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS03d3FmLWgzNnctNDdtY84AAwAE
OS Command Injection in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 7 months ago
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
433
tensorflow-cpu
387
tensorflow-gpu
384
apache-airflow
45
ansible
44
django
42
rdiffweb
40
Pillow
39
opencv-contrib-python
30
opencv-python
30
Plone
26
matrix-synapse
25
apache-superset
22
vyper
16
Django
15
notebook
13
pyftpdlib
13
nova
13
onionshare-cli
11
modoboa
11
calibreweb
11
twisted
10
opencv-contrib-python-headless
9
opencv-python-headless
9
waitress
9
cobbler
9
kiwitcms
8
OctoPrint
8
pyload-ng
8
glance
8
wagtail
8
keystone
8
cryptography
8
Flask-AppBuilder
7
pillow
7
pysaml2
7
numpy
7
urllib3
7
mlflow
7
lief
6
ipython
6
inventree
6
python-gnupg
6
Zope2
6
Zope
5
bleach
5
salt
5
matrix-sydent
5
tuf
5
pip
5
feedparser
5
lxml
5
swift
5
aws-iot-device-sdk-v2
4
awsiotsdk
4
qutebrowser
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
starlette
4
Flask-Security-Too
4
gerapy
4
Jinja2
4
markdown2
4
requests
4
neutron
4
graphite-web
4
nltk
4
jupyter-server
4
FreeTAKServer-UI
4
pyspark
4
scrapy
4
nvflare
4
apache-airflow-providers-apache-hive
4
cinder
3
indy-node
3
plone
3
protobuf
3
ckan
3
poetry
3
Pygments
3
Werkzeug
3
bitlyshortener
3
vantage6
3
plone.supermodel
3
flask
3
plone.app.event
3
plone.app.dexterity
3
plone.app.theming
3
ujson
3
omero-web
3
Products.PluggableAuthService
3
ansible-runner
3
jupyterhub
3
fava
3
mailman
3
bottle
3
paramiko
3
werkzeug
3
oauthenticator
3
pgadmin4
3
saleor
3
quokka
3
pyyaml
3
python-keystoneclient
3
httpie
3
mistune
3
mitmproxy
3
gradio
3
Weblate
3
django-helpdesk
3
ecdsa
3
datasette
3
aubio
3
moin
3
mayan-edms
3
Twisted
2
google/protobuf
2
label-studio
2
com.google.protobuf:protobuf-parent
2
github.com/protocolbuffers/protobuf
2
Google.Protobuf
2
untangle
2
openzeppelin-cairo-contracts
2
html5lib
2
aws-encryption-sdk-cli
2
petl
2
indico
2
parlai
2
apache-iotdb
2
markdown-it-py
2
mindsdb
2
guarddog
2
CairoSVG
2
pyjwt
2
pretalx
2
reportlab
2
apache-airflow-providers-google
2
tripleo-ansible
2
autobahn
2
flower
2
djangorestframework
2
aws-encryption-sdk
2
openapi-python-client
2
aiohttp-session
2
ubi-reader
2
rpyc
2
sanic
2
wagtail-2fa
2
typed-ast
2
redis
2
streamlit
2
aioxmpp
2
shuup
2
django-unicorn
2
simiki
2
dompurify
2
bikeshed
2
pycrypto
2
mako
2
in-toto
2
tripleo-heat-templates
2
sqlparse
2
py
2
sickrage
2
SQLAlchemy
2
webargs
2
rsa
2
aiohttp
2
httplib2
2
Red-DiscordBot
2
python-cjson
2
logilab-common
2
red-arrow
2
pyarrow
2
uvicorn
2
web2py
2
ctx
2
websockets
2
pyopenssl
2
python-ldap
2
django-sendfile2
2
tryton
2
safeurl-python
2
keyring
2
superset
2
paddlepaddle
2
pywasm3
2
trytond
2
roundup
2
pytorch-lightning
2
starkbank-ecdsa
2
binwalk
2
tlslite-ng
2
proteus
2
org.apache.spark:spark-parent_2.12
2
archivy
2
FreeTAKServer
2
distributed
2
scout-browser
2
django-anymail
2
python-libnmap
2
localstack
2
Products.CMFPlone
2
django-two-factor-auth
1
django-basic-auth-ip-whitelist
1
transformers
1
tornado
1
AccessControl
1
PyYAML
1
python-engineio
1
luigi
1
Products.PlonePAS
1
guake
1
url_regex
1
xmpp-http-upload
1
blazar-dashboard
1
aleksis-core
1
django-mfa3
1
datasette-graphql
1
amundsen-frontend
1
red-dashboard
1
flask-session-captcha
1
pollbot
1
alerta-server
1
py-mini-racer
1
botframework-connector
1
mod-wsgi
1
jsnapy
1
mercurial
1
django-rest-registration
1
jinja2
1
nemo_toolkit
1
rencode
1
pypiserver
1
jupyter_server
1
Lin-CMS
1
invenio-drafts-resources
1
invenio-rdm-records
1
papermerge
1
org.apache.spark:spark-core
1
sopel-modules.weather
1
invenio-records
1
tenable-jira-cloud
1
io.github.talelin:lin-cms-core
1
asyncpg
1
supervisor
1
xml2rfc
1
pymdown-extensions
1
svglib
1
jw.util
1
contentful
1
mpmath
1
invenio-app-rdm
1
gateone
1
thefuck
1
mysql-connector-python
1
jupyter-notebook
1
git-url-parse
1
openssh-key-parser
1
psiTurk
1
weixin-python
1
fastapi
1
TurboGears
1
blackduck
1
Kotti
1
Flask-Unchained
1
barbican
1
onnx
1
ihatemoney
1
XML2Dict
1
pywin32
1
django-celery-results
1
Glances
1
celery
1
pipenv
1
ladon
1
libtaxii
1
Flask-Caching
1
marshmallow
1
dnslib
1
recommender-xblock
1
mitogen
1
django-cms
1
pywb
1
CoAPthon3
1
django-widgy
1
django-crm
1
pulsar-client
1
omero-figure
1
CoAPthon
1
sqla-yaml-fixtures
1
sqlite-web
1
conference-scheduler-cli
1
pycryptodome
1
marcador
1
safety
1
mage-ai
1
py-evm
1
django-epiceditor
1
leo
1
spotipy
1