Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Browse Security Advisories

Security Advisories for apache-airflow in pypi Clear Filters

Low
9 months ago

Apache Airflow vulnerable to Insertion of Sensitive Information Into Sent Data GSA_kwCzR0hTQS1qODU3LTJwd20tamptbc4ABBF-

pypi apache-airflow
High
12 months ago

Apache Airflow vulnerable to Execution with Unnecessary Privileges GSA_kwCzR0hTQS05MnhnLWdtcnEtNWMzd84AA_W0

pypi apache-airflow
High
12 months ago

Apache Airflow vulnerable to Improper Encoding or Escaping of Output GSA_kwCzR0hTQS1jMzkyLXdocGMtdmZwcs4AA_Wx

pypi apache-airflow
Moderate
12 months ago

Apache Airflow Cross-site Scripting Vulnerability GSA_kwCzR0hTQS13N2NwLWc4djctcjU0bc4AA-2D

pypi apache-airflow
High
about 1 year ago

Apache Airflow has DAG Author Code Execution possibility in airflow-scheduler GSA_kwCzR0hTQS1nNWh2LXI3NDMtdjhwbc4AA9-F

pypi apache-airflow
Moderate
about 1 year ago

Apache Airflow Potential Cross-site Scripting Vulnerability GSA_kwCzR0hTQS1qNDgyLTQ3eGYtcDI1Y84AA9-G

pypi apache-airflow
Low
about 1 year ago

Apache Airflow does not return the "Cache-Control" header for dynamic content GSA_kwCzR0hTQS05eHBqLTYybW0tMjRoMs4AA9GF

pypi apache-airflow
Moderate
over 1 year ago

Apache Airflow: XSS vulnerability in Task Instance Log/Log Details GSA_kwCzR0hTQS01MmdtLXFtZzMtcjRxcM4AA8CD

pypi apache-airflow
Moderate
over 1 year ago

Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used GSA_kwCzR0hTQS0yNTIyLW1yamMtbTY4OM4AA7Kq

pypi apache-airflow
Moderate
over 1 year ago

Apache Airflow Improper Preservation of Permissions vulnerability GSA_kwCzR0hTQS1jZmYzLTVxcnAtaHF4N84AA6TU

pypi apache-airflow
Moderate
over 1 year ago

Apache Airflow: Ignored Airflow Permission GSA_kwCzR0hTQS1oNTc0LTY2NDYtdmZ4eM4AA6AB

pypi apache-airflow
Moderate
over 1 year ago

Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers users GSA_kwCzR0hTQS02eHdmLXh2ZjMtdjQ1Oc4AA5rU

pypi apache-airflow
Moderate
over 1 year ago

Apache Airflow: DAG Code and Import Error Permissions Ignored GSA_kwCzR0hTQS02djZ3LWg4bTYtN212Ms4AA5qK

pypi apache-airflow
Moderate
over 1 year ago

Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service GSA_kwCzR0hTQS1tZzJ4LW1nZ2otNjk1Nc4AA4qb

pypi apache-airflow-providers-cncf-kubernetes, apache-airflow
High
over 1 year ago

Apache Airflow: pickle deserialization vulnerability in XComs GSA_kwCzR0hTQS1jM2M2LWYyd3cteGZyMs4AA4qZ

pypi apache-airflow
High
over 1 year ago

Apache Airflow: Bypass permission verification to read code of other dags GSA_kwCzR0hTQS12bTVtLXFtcngtZnc4d84AA4qc

pypi apache-airflow
Moderate
over 1 year ago

Apache Airflow Cross-Site Request Forgery vulnerability GSA_kwCzR0hTQS02bTlyLTd3cngteG1yNs4AA39d

pypi apache-airflow
Moderate
over 1 year ago

Apache Airflow Improper Access Control vulnerability GSA_kwCzR0hTQS01OTM4LTc5aGcteGgzcc4AA39c

pypi apache-airflow
Moderate
over 1 year ago

Apache Airflow vulnerable to Exposure of Resource to Wrong Sphere GSA_kwCzR0hTQS04ZjU3LXdjbWctNGptaM4AA39V

pypi apache-airflow
Moderate
over 1 year ago

Apache Airflow has a stored cross-site scripting vulnerability GSA_kwCzR0hTQS1weGNoLXdyN20tcnd4as4AA39U

pypi apache-airflow
High
almost 2 years ago

Apache Airflow vulnerable to Exposure of Sensitive Information to an Unauthorized Actor GSA_kwCzR0hTQS1yN3g2LXhmY20tM214ds4AA3Cw

pypi apache-airflow
Moderate
almost 2 years ago

Apache Airflow allows authenticated and DAG-view authorized users to modify some DAG run detail values when submitting notes GSA_kwCzR0hTQS1obTlyLTdmODQtMjVjOc4AA3Cv

pypi apache-airflow
High
almost 2 years ago

Apache Airflow Celery provider Insertion of Sensitive Information into Log File vulnerability GSA_kwCzR0hTQS02NjZnLXJmYzUtYzlqds4AA2wn

pypi apache-airflow, apache-airflow-providers-celery
Moderate
almost 2 years ago

Apache Airflow vulnerable to Exposure of Sensitive Information GSA_kwCzR0hTQS05cXFnLW1oN2MtY2hmcc4AA2oC

pypi apache-airflow
Moderate
almost 2 years ago

Apache Airflow vulnerable to privilege escalation GSA_kwCzR0hTQS1qM3c4LTJwMmgtbXJyOc4AA2ci

pypi apache-airflow
Moderate
almost 2 years ago

Apache Airflow vulnerable to sensitive information exposure GSA_kwCzR0hTQS0zMndyLXFxdzYtNW1mcM4AA2cg

pypi apache-airflow
Moderate
almost 2 years ago

Apache Airflow vulnerable to sensitive information exposure when users list warnings for all DAGs GSA_kwCzR0hTQS1jZ3gyLXJybXItang0M84AA2ch

pypi apache-airflow
Moderate
almost 2 years ago

Apache Airflow vulnerable to sensitive information exposure when expose-config is set to non-sensitive-only GSA_kwCzR0hTQS1mcHh4LXh2NGMtZ3hxcM4AA2cj

pypi apache-airflow
High
almost 2 years ago

Apache Airflow information exposure vulnerability GSA_kwCzR0hTQS1tanFoLXY1ZjItZzJtd84AA11j

pypi apache-airflow
Moderate
almost 2 years ago

Apache Airflow Incorrect Authorization vulnerability GSA_kwCzR0hTQS13cGc4LW1mNmgtZ205Ms4AA11i

pypi apache-airflow
High
almost 2 years ago

Apache Airflow Session Fixation vulnerability GSA_kwCzR0hTQS1wbTg3LTI0d3Etcjh3Oc4AA1eM

pypi apache-airflow
Moderate
almost 2 years ago

Apache Airflow missing Certificate Validation GSA_kwCzR0hTQS01ZjM1LXBxMzQtYzg3cc4AA1eK

pypi apache-airflow, apache-airflow-providers-imap, apache-airflow-providers-smtp
High
almost 2 years ago

Apache Airflow denial of service vulnerability GSA_kwCzR0hTQS14Mm1oLThmbWMtcnFnaM4AA1eL

pypi apache-airflow
High
about 2 years ago

Apache Airflow Execution with Unnecessary Privileges GSA_kwCzR0hTQS0yNjl4LXBnNWMtNXhnbc4AA1D-

pypi apache-airflow
High
about 2 years ago

Apache Airflow Incorrect Authorization vulnerability GSA_kwCzR0hTQS0yaDg0LTNjcnEtdmdmas4AA0pT

pypi apache-airflow
High
about 2 years ago

Apache Airflow Improper Input Validation vulnerability GSA_kwCzR0hTQS0zaDRtLW01NXYtZ3g0bc4AA0pL

pypi apache-airflow
High
about 2 years ago

Apache Airflow Improper Input Validation vulnerability GSA_kwCzR0hTQS01OTQ2LThwMzgtdmZmcM4AA0pU

pypi apache-airflow
High
about 2 years ago

Apache Airflow Path Traversal vulnerability GSA_kwCzR0hTQS1nZ3dyLTR2cjgtZzd3ds4AA0pO

pypi apache-airflow
High
about 2 years ago

Apache Airflow information disclosure vulnerability GSA_kwCzR0hTQS14dnc5LTNtaG0teGpxcc4AA0pJ

pypi apache-airflow
High
about 2 years ago

Apache Airflow vulnerable to exposure of sensitive information GSA_kwCzR0hTQS1tamZmLXd2ODUtaG1jas4AAz7T

pypi apache-airflow
Critical
over 2 years ago

Apache Airflow vulnerable to Privilege Context Switching Error GSA_kwCzR0hTQS1qY2htLWZtNHEtYzJmcM4AAzHG

pypi apache-airflow
Moderate
over 2 years ago

Apache Airflow vulnerable to stored Cross-site Scripting GSA_kwCzR0hTQS12Y2Y2LTN3djItNXZjcs4AAzHH

pypi apache-airflow
Moderate
over 2 years ago

Sensitive Information in Error Messages in Apache Airflow GSA_kwCzR0hTQS1oNmc1LXdxcXItM213M84AAyIE

pypi apache-airflow
Critical
over 2 years ago

Command Injection in Apache Airflow and Apache Airflow MySQL Provider GSA_kwCzR0hTQS1jNzMyLXh2djgtZzk0Y84AAxHL

pypi apache-airflow-providers-mysql, apache-airflow
Critical
over 2 years ago

OS Command Injection in Apache Airflow GSA_kwCzR0hTQS1ybWYyLXB3ZnEtaDc1as4AAwAD

pypi apache-airflow
Moderate
over 2 years ago

OS Command Injection in Apache Airflow GSA_kwCzR0hTQS00NXI2LWozY2MtNm14eM4AAwAC

pypi apache-airflow
Critical
over 2 years ago

OS Command Injection in Apache Airflow GSA_kwCzR0hTQS03d3FmLWgzNnctNDdtY84AAwAE

pypi apache-airflow
Moderate
almost 3 years ago

Apache Airflow Contains Open Redirect GSA_kwCzR0hTQS1yZzk0LTg0eGotN2dxM84AAv3Z

pypi apache-airflow
High
almost 3 years ago

Apache Airflow subject to Exposure of Sensitive Information GSA_kwCzR0hTQS1mdncyLTJwZjctNzd2d84AAv2h

pypi apache-airflow
High
almost 3 years ago

Apache Airflow vulnerable to OS Command Injection via example DAGs GSA_kwCzR0hTQS02cHczLThoOXctMzJnY84AAv2i

pypi apache-airflow
Moderate
almost 3 years ago

Apache Airflow Cross-site Scripting vulnerability GSA_kwCzR0hTQS1oNjNyLTl4eGYtZjJjN84AAvr2

pypi apache-airflow
Moderate
almost 3 years ago

Apache Airflow Open Redirect vulnerability GSA_kwCzR0hTQS1mOWZxLTc4Y2gtNHdtas4AAvr3

pypi apache-airflow
High
almost 3 years ago

Apache Airflow may allow authenticated users who have been deactivated to continue using the UI or API GSA_kwCzR0hTQS0zcThyLWYzcGotM2djNM4AAvNL

pypi apache-airflow
High
almost 3 years ago

Apache Airflow vulnerable to Use of Externally-Controlled Format String GSA_kwCzR0hTQS01cnA0LTc0OXAtdngyNs4AAu_Y

pypi apache-airflow
Moderate
almost 3 years ago

Apache Airflow contains open redirect GSA_kwCzR0hTQS00Zmc1LWo0bW0td2ZwZ84AAu_X

pypi apache-airflow
Critical
almost 3 years ago

Apache Airflow Session Fixation vulnerability GSA_kwCzR0hTQS01ZmY4LTc2MzktNnY2Z84AAum7

pypi apache-airflow
Moderate
almost 3 years ago

Apache Airflow exposes arbitrary file content GSA_kwCzR0hTQS1xOGg5LXBxY3gtNTlod84AAunZ

pypi apache-airflow
Critical
about 3 years ago

Missing Authentication for Critical Function in Apache Airflow GSA_kwCzR0hTQS1oODhmLXI3Y3ctOGZ2M84AAp4C

pypi apache-airflow
Moderate
over 3 years ago

Apache Airflow Reflected Cross-site Scripting vulnerability in 404 Endpoint GSA_kwCzR0hTQS1ydjI1LTl3Z2oteGc3Nc4AAWPs

pypi apache-airflow
Moderate
over 3 years ago

Apache Airflow Cross-site Scripting Vulnerability GSA_kwCzR0hTQS02NXh3LXBjcXctaGpyaM0vEA

pypi apache-airflow
High
over 3 years ago

OS Command injection in Apache Airflow GSA_kwCzR0hTQS0zdjdnLTRwZzMtN3I2as0vDg

pypi apache-airflow
Moderate
over 3 years ago

Improper Privilege Management in apache-airflow GSA_kwCzR0hTQS00amgyLTNjODUtcTY3aM0llQ

pypi apache-airflow
Moderate
almost 4 years ago

Missing Authorization in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02aDItang5di01OHc2

pypi apache-airflow
Moderate
about 4 years ago

Cross-site Scripting in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN4eHYtcDc4ci00ZmM2

pypi apache-airflow
Moderate
about 4 years ago

Improper Authentication in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoMzctY3g4My1xNTQy

pypi apache-airflow
Moderate
about 4 years ago

Apache Airflow Cross-site Scripting MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRwd3EtZmo4OS02cmpj

pypi apache-airflow
Critical
over 4 years ago

Authentication bypass in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhoeDktcDY5di1jeDJq

pypi apache-airflow
High
over 4 years ago

Incorrect Session Validation in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdteDUteDM3Mi14aDg3

pypi apache-airflow
Moderate
over 4 years ago

Apache Airflow cross-site scripting due to incomplete fix for CVE-2020-13944 MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2dnAteDNwci03OXJ4

pypi apache-airflow
High
over 4 years ago

Improper Access Control in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZmdzMtNm1wNi1qbXZq

pypi apache-airflow
Moderate
over 4 years ago

SSRF vulnerability in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZyM3AtZmN2bS14aDdj

pypi apache-airflow
Low
over 4 years ago

Apache Airflow logs passwords in plaintext MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN2Y3EtZ21jMy1xNm04

pypi apache-airflow
Moderate
about 5 years ago

Stored XSS in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozOGMtMjVmai1tcjg0

pypi apache-airflow
Critical
about 5 years ago

Insecure default config of Celery worker in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlnMnctNWYzdi1tZm1t

pypi apache-airflow
High
about 5 years ago

Remote code execution (RCE) in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2bXEtNHg2Ni1xN2oz

pypi apache-airflow
Critical
about 5 years ago

Command injection via Celery broker in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk3NnItcWZqai1jMjR3

pypi apache-airflow
Moderate
about 5 years ago

Multiple stored XSS in RBAC Admin screens in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0cDMtcXc1Yy1taHBj

pypi apache-airflow
Moderate
over 5 years ago

XSS in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJqdmctcTU3di1tampj

pypi apache-airflow
High
over 6 years ago

Apache Airflow vulnerable to CSRF Attacks MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2ajQtM2doMi05ZjVq

pypi apache-airflow
Moderate
over 6 years ago

Apache Airflow vulnerable to Stored XSS MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThwN3YtMmp2ai12NTRy

pypi apache-airflow
Moderate
over 6 years ago

Apache Airflow vulnerable to Stored XSS MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk5Y3YtOGN2di02NjZj

pypi apache-airflow
High
over 6 years ago

Improper Certificate Validation in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3cmMteDg0cS1wdjRm

pypi apache-airflow
High
over 6 years ago

Cross-Site Request Forgery (CSRF) in Apache Airflow MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4d3YtcmpybS01NzZw

pypi apache-airflow
Critical
over 6 years ago

Apache Airflow vulnerable to XSS MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlncWctM2Z4ci05aHY3

pypi apache-airflow
High
over 6 years ago

Improper Input Validation in Apache Airflow resulting in Remote Code Execution MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmZzQtajU2Mi1tanJj

pypi apache-airflow

Filter by Severity

Moderate 10,164 High 8,086 Critical 3,326 Low 1,457

Filter by Ecosystem

maven 6,744 packagist 5,372 pypi 4,868 npm 4,214 go 2,852 nuget 1,702 cargo 1,074 rubygems 928 hex 37 swift 36 actions 34 pub 10

Filter by Package

tensorflow 433 tensorflow-gpu 427 tensorflow-cpu 423 Django 107 apache-airflow 85 Plone 72 salt 65 ansible 63 apache-superset 61 mlflow 53 nova 48 django 46 vyper 44 gradio 44 rdiffweb 42 matrix-synapse 42 plone 41 moin 35 keystone 32 opencv-contrib-python 31 opencv-python 31 Pillow 29 pillow 28 open-webui 25 vllm 23 pyload-ng 22 glance 21 langchain 20 aim 20 neutron 19 mercurial 18 mindsdb 18 cobbler 18 calibreweb 17 notebook 17 cryptography 17 OctoPrint 17 PaddlePaddle 16 lollms 16 transformers 16 paddlepaddle 16 ethyca-fides 16 aiohttp 15 vantage6 14 litellm 14 urllib3 14 modoboa 14 pyftpdlib 14 zenml 13 roundup 13 h2o 13 mobsf 12 sentry 12 nautobot 12 twisted 12 wagtail 12 swift 12 horizon 11 onionshare-cli 11 label-studio 11 waitress 11 pgadmin4 11 trytond 11 Flask-AppBuilder 10 opencv-python-headless 10 pyspark 10 opencv-contrib-python-headless 10 cinder 9 ai.h2o:h2o-core 9 agentscope 9 lief 9 kiwitcms 9 ckan 9 python-keystoneclient 9 ryu 9 zope 9 llama-index 8 trac 8 bentoml 8 aubio 8 changedetection.io 8 picklescan 8 Zope 8 ipython 8 dbgpt 8 numpy 8 tornado 8 Zope2 8 web2py 7 pip 7 jupyter-server 7 executorch 7 matrix-sydent 7 copyparty 7 inventree 7 pysaml2 7 scrapy 7 Products.CMFPlone 7 requests 7 whoogle-search 6 apache-iotdb 6 indico 6 Jinja2 6 yt-dlp 6 graphite-web 6 ansible-core 6 mailman 6 mage-ai 6 dtale 6 torch 6 llama-index-core 6 snowflake-connector-python 6 lxml 6 torchserve 6 omero-web 6 Moin 6 codechecker 6 OpenEXR 6 apache-airflow-providers-apache-hive 6 Mezzanine 6 tuf 6 langchain-community 5 grpcio 5 nltk 5 keylime 5 grpc 5 Werkzeug 5 langflow 5 saleor 5 lmdb 5 jupyterhub 5 pretix 5 mayan-edms 5 ait-core 5 werkzeug 5 feedparser 5 paramiko 5 python-gnupg 5 oauthenticator 5 langchain-experimental 5 bleach 5 composio-core 5 onnx 5 fschat 5 setuptools 4 protobuf 4 reportlab 4 org.apache.streampipes:streampipes-parent 4 ray 4 starlette 4 Scrapy 4 bottle 4 esphome 4 homeassistant 4 pandasai 4 nvflare 4 mitmproxy 4 markdown2 4 streampipes 4 MaterialX 4 pywasm3 4 weblate 4 Radicale 4 aws-iot-device-sdk-v2 4 keras 4 jupyterlab 4 qutebrowser 4 koji 4 jwcrypto 4 skops 4 pytorch-lightning 4 flask-cors 4 Pygments 4 frappe 4 GitPython 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 PyPDF2 4 FreeTAKServer-UI 4 jinja2 4 buildbot 4 indy-node 4 tripleo-heat-templates 4 Keystone 4 streamlit 4 RestrictedPython 4 django-helpdesk 4 wasmtime 4 Weblate 4 InvokeAI 4 flask 4 apache-submarine 4 httpie 4 dbt-core 4 Nova 4 Flask-Security-Too 4 awsiotsdk 4 barbican 4 ms-swift 3 plone.app.theming 3 ajenti 3

Filter by Repository

https://github.com/apache/airflow 78