Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
airflow vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-25691
Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions prior to 8.10.0.
Apache Apache-airflow-providers-google
7.5
CVSSv3
CVE-2023-25956
Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache Airflow AWS Provider versions prior to 7.2.1.
Apache Apache-airflow-providers-amazon
8.8
CVSSv3
CVE-2022-38362
Apache Airflow Docker's Provider before 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.
Apache Apache-airflow-providers-docker
8.8
CVSSv3
CVE-2023-22886
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider. Airflow JDBC Provider Connection’s [Connection URL] parameters had no restrictions, which made it possible to implement RCE attacks via different type JDBC drivers, obtain ai...
Apache Apache-airflow-providers-jdbc
7.8
CVSSv3
CVE-2023-34395
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Software Foundation Apache Airflow ODBC Provider. In OdbcHook, A privilege escalation vulnerability exists in a system due to controllable ODBC driver parameters t...
Apache Apache-airflow-providers-odbc
7.5
CVSSv3
CVE-2023-25692
Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions prior to 8.10.0.
Apache Apache-airflow-providers-google
7.5
CVSSv3
CVE-2023-40272
Apache Airflow Spark Provider, versions prior to 4.1.3, is affected by a vulnerability that allows an malicious user to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server. It is recommended to upgrade to a version...
Apache Apache-airflow-providers-apache-spark
7.5
CVSSv3
CVE-2023-39553
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an malicious user to pass in malicious parameters when establishing a connection with DrillHook giving an ...
Apache Apache-airflow-providers-apache-drill
9.8
CVSSv3
CVE-2022-46421
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: prior to 5.0.0.
Apache Apache-airflow-providers-apache-hive
9.8
CVSSv3
CVE-2023-25693
Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions prior to 3.1.1.
Apache Apache-airflow-providers-apache-sqoop
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »