Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache airflow vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-35797
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider. This issue affects Apache Airflow Apache Hive Provider: prior to 6.1.1. Before version 6.1.1 it was possible to bypass the security check to RCE via principal parameter. For this t...
Apache Apache-airflow-providers-apache-hive
9.8
CVSSv3
CVE-2023-25754
Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: prior to 2.6.0.
Apache Airflow
9.8
CVSSv3
CVE-2023-28706
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: prior to 6.0.0.
Apache Airflow Hive Provider
9.8
CVSSv3
CVE-2023-25693
Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions prior to 3.1.1.
Apache Apache-airflow-providers-apache-sqoop
9.8
CVSSv3
CVE-2023-25696
Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions prior to 5.1.3.
Apache Apache-airflow-providers-apache-hive
9.8
CVSSv3
CVE-2023-25691
Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions prior to 8.10.0.
Apache Apache-airflow-providers-google
9.8
CVSSv3
CVE-2023-22884
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.This issue affects Apache Airflow: prior to 2.5.1; Apache Airflow MyS...
Apache Airflow
Apache Apache-airflow-providers-mysql
2 Github repositories
9.8
CVSSv3
CVE-2022-46421
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: prior to 5.0.0.
Apache Apache-airflow-providers-apache-hive
9.8
CVSSv3
CVE-2022-40189
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Pig Provider, Apache Airflow allows an malicious user to control commands executed in the task execution context, without write access to DAG files...
Apache Airflow
Apache Apache-airflow-providers-apache-pig
9.8
CVSSv3
CVE-2022-38649
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an malicious user to control commands executed in the task execution context, without write access to DAG fil...
Apache Airflow
Apache Apache-airflow-providers-apache-pinot
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »