| Severity | CVSS | KEV | Advisory | Affected versions |
|---|---|---|---|---|
| | | | | from 0, < 1.10.11 |
| | | | | from 0, < 1.10.11 |
| HIGH | 8.8 | ⚠ KEV | Remote code execution (RCE) in Apache Airflow | from 0, < 1.10.11rc1 |
| HIGH | 8.8 | ⚠ KEV | Remote code execution (RCE) in Apache Airflow | from 0, < 1.10.11rc1 |
| CRITICAL | 9.8 | | Apache Airflow Providers Edge3 exposes internal API allowing RCE in web server context | from 0, < 2.0.0 |
| CRITICAL | 9.8 | | Apache Airflow vulnerable to Privilege Context Switching Error | from 0, < 2.6.0 |
| CRITICAL | 9.8 | | Apache Airflow vulnerable to Privilege Context Switching Error | from 0, < 2.6.0b1 |
| CRITICAL | 9.8 | | Apache Airflow Sqoop Provider Improper Input Validation vulnerability | from 0, < 3.1.1 |
| CRITICAL | 9.8 | | Command Injection in Apache Airflow and Apache Airflow MySQL Provider | from 0, < 2.5.1 |
| CRITICAL | 9.8 | | OS Command Injection in Apache Airflow | from 0, < 2.3.0 |
| CRITICAL | 9.8 | | OS Command Injection in Apache Airflow | from 0, < 2.3.0 |
| CRITICAL | 9.8 | | Apache Airflow Session Fixation vulnerability | >= 2.2.4, < 2.3.4rc1 |
| CRITICAL | 9.8 | | Apache Airflow Session Fixation vulnerability | >= 2.2.4, < 2.3.4rc1 |
| CRITICAL | 9.8 | | Missing Authentication for Critical Function in Apache Airflow | >= 2.0.0, < 2.1.3 |
| CRITICAL | 9.8 | | Missing Authentication for Critical Function in Apache Airflow | >= 2.0.0, < 2.1.3 |
| CRITICAL | 9.8 | | Insecure default config of Celery worker in Apache Airflow | from 0, < 1.10.11rc1 |
| CRITICAL | 9.8 | | Insecure default config of Celery worker in Apache Airflow | from 0, < 1.10.11 |
| CRITICAL | 9.8 | | Command injection via Celery broker in Apache Airflow | from 0, < 1.10.11rc1 |
| CRITICAL | 9.8 | | Command injection via Celery broker in Apache Airflow | from 0, < 1.10.11rc1 |
| CRITICAL | 9.8 | | Apache Airflow vulnerable to XSS | from 0, < 1.9.0 |
| CRITICAL | 9.8 | | Apache Airflow vulnerable to XSS | from 0, < 1.9.0 |
| CRITICAL | 9.1 | | Apache Airflow: BashOperator Jinja2 injection via `dag_run.conf` — low-privilege user pattern | >= 3.0.0, < 3.2.2 |
| CRITICAL | 9.1 | | Apache Airflow: JWT token still valid after logout | >= 3.0.0, < 3.2.0 |
| HIGH | 8.8 | | Apache Airflow: Authenticated RCE via XCom PATCH endpoint — XComUpdateBody missing `FORBIDDEN_XCOM_KEYS` validator | >= 3.2.0, < 3.2.2 |
| HIGH | 8.8 | | Apache Airflow: Unsafe Deserialization via Legacy Serialization Keys (`__type`/`__var`) Bypass in XCom API | >= 3.1.8, < 3.2.0 |
| HIGH | 8.8 | | Apache Airflow: Unsafe Deserialization via Legacy Serialization Keys (`__type`/`__var`) Bypass in XCom API | >= 3.1.8, < 3.2.0 |
| HIGH | 8.8 | | Apache Airflow vulnerable to Improper Encoding or Escaping of Output | >= 2.10.0, < 2.10.1 |
| HIGH | 8.8 | | Apache Airflow vulnerable to Execution with Unnecessary Privileges | from 0, < 2.10.1 |
| HIGH | 8.8 | | Apache Airflow vulnerable to Execution with Unnecessary Privileges | from 0, < 2.10.1 |
| HIGH | 8.8 | | Apache Airflow vulnerable to Improper Encoding or Escaping of Output | from 0, <= 2.10.0-NA |
| HIGH | 8.8 | | Apache Airflow has DAG Author Code Execution possibility in airflow-scheduler | >= 2.4.0, < 2.9.3 |
| HIGH | 8.8 | | Apache Airflow has DAG Author Code Execution possibility in airflow-scheduler | >= 2.4.0, < 2.9.3 |
| HIGH | 8.8 | | Apache Airflow Execution with Unnecessary Privileges | from 0, < 2.6.0 |
| HIGH | 8.8 | | Apache Airflow Execution with Unnecessary Privileges | from 0, < 2.6.0b1 |
| HIGH | 8.8 | | Apache Airflow vulnerable to OS Command Injection via example DAGs | from 0, < 2.4.0 |
| HIGH | 8.8 | | Apache Airflow vulnerable to OS Command Injection via example DAGs | from 0, < 2.4.0 |
| HIGH | 8.8 | | OS Command injection in Apache Airflow | from 0, < 2.2.4 |
| HIGH | 8.8 | | OS Command injection in Apache Airflow | from 0, < 2.2.4 |
| HIGH | 8.8 | | Apache Airflow vulnerable to CSRF Attacks | from 0, < 1.10.3b1 |
| HIGH | 8.8 | | Apache Airflow vulnerable to CSRF Attacks | from 0, < 1.10.3 |
| HIGH | 8.8 | | Cross-Site Request Forgery (CSRF) in Apache Airflow | from 0, < 1.9.0 |
| HIGH | 8.8 | | Cross-Site Request Forgery (CSRF) in Apache Airflow | from 0, < 1.9.0 |
| HIGH | 8.8 | | Improper Input Validation in Apache Airflow resulting in Remote Code Execution | from 0, < 1.9.0 |
| HIGH | 8.8 | | Improper Input Validation in Apache Airflow resulting in Remote Code Execution | from 0, < 1.9.0 |
| HIGH | 8.4 | | Apache Airflow vulnerable to Code Injection in the web-server context via LogTemplate table | from 0, < 2.11.1 |
| HIGH | 8.1 | | Apache Airflow: RCE by race condition in `example_xcom` dag | from 0, < 3.2.0 |
| HIGH | 8.1 | | Apache Airflow: Execution API HITL Endpoints Missing Per-Task Authorization | >= 3.1.0, < 3.1.8 |
| HIGH | 8.1 | | Apache Airflow: Execution API HITL Endpoints Missing Per-Task Authorization | >= 3.0.0, < 3.1.8 |
| HIGH | 8.1 | | Apache Airflow: Ignored Airflow Permission | >= 2.8.0, < 2.8.3rc1 |
| HIGH | 8.1 | | Apache Airflow: Ignored Airflow Permission | >= 2.8.0, < 2.8.3rc1 |
| HIGH | 8.1 | | Apache Airflow denial of service vulnerability | from 0, < 2.7.0b1 |
| HIGH | 8.1 | | Apache Airflow denial of service vulnerability | from 0, < 2.7.0 |
| HIGH | 8.1 | | Apache Airflow may allow authenticated users who have been deactivated to continue using the UI or API | from 0, < 2.4.2rc1 |
| HIGH | 8.1 | | Apache Airflow may allow authenticated users who have been deactivated to continue using the UI or API | from 0, < 2.4.1rc1 |
| HIGH | 8.0 | | Apache Airflow Session Fixation vulnerability | from 0, < 2.7.0rc2 |
| HIGH | 8.0 | | Apache Airflow Session Fixation vulnerability | from 0, < 2.7.1rc1 |
| HIGH | 7.7 | | Incorrect Session Validation in Apache Airflow | from 0, < 1.10.14 |
| HIGH | 7.7 | | Incorrect Session Validation in Apache Airflow | from 0, < 1.10.14 |
| HIGH | 7.5 | | Apache Airflow: API authorization bypass: bulk TaskInstances allows cross-DAG mutation | >= 3.2.0, < 3.2.2 |
| HIGH | 7.5 | | Apache Airflow: JWT token appearing in logs | >= 3.0.0, < 3.2.0 |
| HIGH | 7.5 | | Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI | from 0, < 3.2.0 |
| HIGH | 7.5 | | Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI | >= 3.0.0, < 3.2.0 |
| HIGH | 7.5 | | Apache Airflow: Path of session token in cookie does not consider `base_url` - session hijacking via co-hosted applications | >= 3.0.0, < 3.1.8 |
| HIGH | 7.5 | | Apache Airflow: Path of session token in cookie does not consider `base_url` - session hijacking via co-hosted applications | >= 3.0.0, < 3.1.8 |
| HIGH | 7.5 | | Apache Airflow: Wildcard DagVersion Listing Bypasses Per-DAG RBAC and Leaks Metadata | >= 3.0.0, < 3.1.8 |
| HIGH | 7.5 | | Apache Airflow: Wildcard DagVersion Listing Bypasses Per-DAG RBAC and Leaks Metadata | >= 3.0.0, < 3.1.8 |
| HIGH | 7.5 | | Apache Airflow proxy credentials for various providers might leak in task logs | from 0, < 3.1.6 |
| HIGH | 7.5 | | Apache Airflow secrets in rendered templates could contain parts of sensitive values when truncated | >= 3.1.0, < 3.1.6 |
| HIGH | 7.5 | | Apache Airflow proxy credentials for various providers might leak in task logs | >= 3.0.0b1, < 3.1.6 |
| HIGH | 7.5 | | Apache Airflow secrets in rendered templates could contain parts of sensitive values when truncated | >= 3.1.0, < 3.1.6 |
| HIGH | 7.5 | | Apache Airflow: Sensitive configuration values are not masked in the logs by default | from 0, < 2.10.3 |
| HIGH | 7.5 | | Apache Airflow: pickle deserialization vulnerability in XComs | from 0, < 2.8.1rc1 |
| HIGH | 7.5 | | Apache Airflow: pickle deserialization vulnerability in XComs | from 0, < 2.8.1 |
| HIGH | 7.5 | | Apache Airflow Celery provider Insertion of Sensitive Information into Log File vulnerability | >= 1.10.0, < 2.7.0 |
| HIGH | 7.5 | | apache-airflow-providers-apache-drill Improper Input Validation vulnerability | from 0, < 2.4.3 |
| HIGH | 7.5 | | Apache Airflow Drill Provider vulnerable to improper input validation | from 0, < 2.3.2 |
| HIGH | 7.5 | | Apache Airflow subject to Exposure of Sensitive Information | from 0, < 2.3.1 |
| HIGH | 7.5 | | Apache Airflow subject to Exposure of Sensitive Information | from 0, < 2.3.1 |
| HIGH | 7.5 | | Apache Airflow vulnerable to Use of Externally-Controlled Format String | >= 2.3.0, < 2.4.0rc1 |
| HIGH | 7.5 | | Apache Airflow vulnerable to Use of Externally-Controlled Format String | >= 2.3.0, < 2.4.0b1 |
| HIGH | 7.5 | | Improper Certificate Validation in Apache Airflow | from 0, < 1.10.1 |
| HIGH | 7.5 | | Improper Certificate Validation in Apache Airflow | from 0, < 1.10.1 |
| HIGH | 7.3 | | Apache Airflow: Arbitrary import in custom deadline-reference deserialization | from 0, < 3.2.2 |
| HIGH | 7.2 | | Apache Airflow allows code execution through crafted XCom payloads | from 0, < 3.2.0 |
| MEDIUM | 6.5 | | Apache Airflow: `revoke_token()` unreachable in FabAuthManager / KeycloakAuthManager logout path | from 0, < 3.2.2 |
| MEDIUM | 6.5 | | Apache Airflow: Arbitrary File Read via Log Symlink following in FileTaskHandler | from 0, < 3.2.2 |
| MEDIUM | 6.5 | | Apache Airflow: Rendered template truncation bypasses nested sensitive-key masking | from 0, < 3.2.2 |
| MEDIUM | 6.5 | | Apache Airflow: Incomplete Redaction of Sensitive Fields in Connection Extra API Response | from 0, < 3.2.2 |
| MEDIUM | 6.5 | | Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access | from 0, < 3.1.8 |
| MEDIUM | 6.5 | | Apache Airflow has an authorization bypass in DagRun wait endpoint | >= 3.0.0, < 3.2.0 |
| MEDIUM | 6.5 | | Apache Airflow has an authorization bypass in DagRun wait endpoint | >= 3.0.0, < 3.2.0 |
| MEDIUM | 6.5 | | Apache Airflow exposes sensitive information in its log files | from 0, < 2.11.1 |
| MEDIUM | 6.5 | | Apache Airflow error reporting may expose full kwargs | from 0, < 2.11.1 |
| MEDIUM | 6.5 | | Apache Airflow Has an Authorization Bypass That Allows Unauthorized Task Log Access | >= 3.1.0, < 3.1.7 |
| MEDIUM | 6.5 | | Apache Airflow UI Exposes DAG Import Errors to Unauthorized Authenticated Users | >= 3.0.0, < 3.1.7 |
| MEDIUM | 6.5 | | Apache Airflow UI Exposes DAG Import Errors to Unauthorized Authenticated Users | from 0, < 3.1.7 |
| MEDIUM | 6.5 | | Apache Airflow Has an Authorization Bypass That Allows Unauthorized Task Log Access | >= 3.1.0, < 3.1.7 |
| MEDIUM | 6.5 | | Apache Airflow exposes secret values to authenticated UI users via rendered templates | >= 3.1.0, < 3.1.5 |
| MEDIUM | 6.5 | | Apache Airflow exposes secret values to authenticated UI users via rendered templates | >= 3.1.0, < 3.1.4 |
| MEDIUM | 6.5 | | Apache Airflow: Connection sensitive details exposed to users with READ permissions | >= 3.0.3, < 3.0.4 |