Latest Apache Airflow Vulnerabilities

Apache Airflow: Bypass permission verification to read code of other dags
pip/apache-airflow>=0<2.8.1
Apache Airflow<2.8.1
Apache Airflow: Potential pickle deserialization vulnerability in XComs
pip/apache-airflow>=0<2.8.1
Apache Airflow<2.8.1
Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service
pip/apache-airflow-providers-cncf-kubernetes>=5.2.0<7.0.0
pip/apache-airflow>=2.3.0<2.6.1
Apache Airflow>=2.3.0<2.6.1
Apache Airflow CNCF Kubernetes>=5.2.0<7.0.0
Apache Airflow: Improper access control to DAG resources
pip/apache-airflow<2.8.0
Apache Airflow<2.8.0
Apache Airflow: Improper access control vulnerability on the "varimport" endpoint
pip/apache-airflow<2.8.0
Apache Airflow<2.8.0
<2.8.0
Apache Airflow: DAG Params allow embedding of unchecked JavaScript
pip/apache-airflow>=2.6.0<=2.7.3
Apache Airflow>=2.6.0<=2.7.3
Apache Airflow: Missing CSRF protection on DAG/trigger
pip/apache-airflow>=2.7.0<2.8.0
Apache Airflow>=2.7.0<=2.7.3
Apache Airflow: Permission verification bypass allows viewing dagruns of other dags
Apache Airflow<2.7.3
pip/apache-airflow<2.7.3
Apache Airflow missing fix for CVE-2023-40611 in 2.7.1 (DAG run broken access)
Apache Airflow<2.7.3
pip/apache-airflow<2.7.3
Apache Airflow Celery provider, Apache Airflow: Sensitive information logged as clear text when rediss, amqp, rpc protocols are used as Celery result backend
Apache Airflow>=1.10.0<2.7.0
Apache Airflow Celery provider>=3.3.0<=3.4.0
pip/apache-airflow>=1.10.0<2.7.0
pip/apache-airflow-providers-celery>=3.3.0<3.4.1
Apache Airflow: Sensitive parameters exposed in API when "non-sensitive-only" configuration is set
Apache Airflow>=2.4.0<2.7.0
pip/apache-airflow>=2.4.0<2.7.2
Apache Airflow: Bypass permission verification to view task instances of other dags
pip/apache-airflow>=0<2.7.2
<2.7.2
Apache Airflow<2.7.2
Apache Airflow: Improper access control to DAG resources
Apache Airflow<2.7.2
Apache Airflow: Configuration information leakage vulnerability
Apache Airflow>=2.7.0<2.7.2
pip/apache-airflow>=2.7.0<2.7.2
Apache Airflow: Improper access control vulnerability in the "List dag warnings" feature
pip/apache-airflow<2.7.2
Apache Airflow<2.7.2
Apache Airflow Dag Runs Broken Access Control Vulnerability
pip/apache-airflow>=0<2.7.1
Apache Airflow<2.7.3
Apache Airflow<2.7.1
Apache Airflow: Secrets can be unmasked in the "Rendered Template"
Apache Airflow<2.7.1
pip/apache-airflow>=0<2.7.1
Session fixation in Apache Airflow web interface
Apache Airflow<=2.7.0
pip/apache-airflow<2.7.0
Apache Airflow: Exposure of sensitive connection information, DOS and SSRF on "test connection" feature
pip/apache-airflow<2.7.0
Apache Airflow<2.7.0
Apache Airflow SMTP Provider, Apache Airflow IMAP Provider, Apache Airflow: SMTP/IMAP client components allowed MITM due to missing Certificate Validation
Apache Airflow<2.7.0
Apache Apache-airflow-providers-imap<3.3.0
Apache Apache-airflow-providers-smtp<1.3.0
Apache Airflow: Airflow "Run task" feature allows execution with unnecessary privileges
pip/apache-airflow<2.6.0
Apache Airflow<2.6.0
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an unauthorized actor to gain access to sensitive information in Connection edit view. This vulnerability is considere...
pip/apache-airflow<2.6.3
Apache Airflow<2.6.3
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows unauthorized read access to a DAG through the URL. It is recommended to upgrade to a version that is not affected
Apache Airflow<2.6.3
pip/apache-airflow<2.6.3
Apache Airflow, versions before 2.6.3, has a vulnerability where an authenticated user can use crafted input to make the current request hang. It is recommended to upgrade to a version that is not aff...
Apache Airflow<2.6.3
Apache Airflow: Scheduler remote DoS
pip/apache-airflow<2.6.3
Apache Airflow<2.6.3
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to perform unauthorized file access outside the intended directory structure by manipulating the run_id pa...
Apache Airflow<2.6.3
Ibm Infosphere Information Server<=11.7
pip/apache-airflow<2.6.3
Apache Airflow: Privilege escalation using airflow logs
Apache Airflow<2.6.0
Stored XSS on Apache Airflow
pip/apache-airflow<2.6.0
Apache Airflow<2.6.0
Generation of Error Message Containing Sensitive Information vulnerability in Apache Software Foundation Apache Airflow. This issue affects Apache Airflow: before 2.5.2.
Apache Airflow<2.5.2
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider...
Apache Airflow<2.5.1
Apache Apache-airflow-providers-mysql<4.0.0
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Spark Provider, Apache Airflow allows an attacker to read arbitrary files in t...
Apache Airflow<2.3.0
Apache Apache-airflow-providers-apache-spark<4.0.0
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Pig Provider, Apache Airflow allows an attacker to control commands executed ...
Apache Airflow<2.3.0
Apache Apache-airflow-providers-apache-pig<4.0.0
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Hive Provider, Apache Airflow allows an attacker to execute arbitrary commands...
Apache Airflow<2.3.0
Apache Apache-airflow-providers-apache-hive<4.1.0
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands execute...
Apache Airflow<2.3.0
Apache Apache-airflow-providers-apache-pinot<4.0.0
pip/apache-airflow<2.3.0
In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's `/login` endpoint.
Apache Airflow<2.4.3
A vulnerability in UI of Apache Airflow allows an attacker to view unmasked secrets in rendered template values for tasks which were not executed (for example when they were depending on past and prev...
Apache Airflow<2.3.1
pip/apache-airflow<2.3.1
A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided run_id parameter. This issue affects Apach...
pip/apache-airflow<2.4.0
Apache Airflow<2.4.0
In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's `/confirm` endpoint.
Apache Airflow<2.4.2
In Apache Airflow versions prior to 2.4.2, the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument.
Apache Airflow<2.4.2
In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn't prevent an already authenticated user from being able to continue using the UI or API.
Apache Airflow<=2.4.1
pip/apache-airflow<2.4.1
In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction.
pip/apache-airflow>=2.3.0<2.4.0b1
Apache Airflow>=2.3.0<=2.3.4
In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's `/confirm` endpoint.
pip/apache-airflow>=2.3.0<2.4.0b1
Apache Airflow>=2.3.0<=2.3.4
In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend was susceptible to session fixation.
Apache Airflow>=2.2.4<=2.3.3
In Apache Airflow prior to 2.3.4, an insecure umask was configured for numerous Airflow components when running with the `--daemon` flag which could result in a race condition giving world-writable fi...
Apache Airflow<2.3.4
pip/apache-airflow<2.3.4
It was discovered that the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument. This issue affects Apache Airflow versions 2.2.3 and below.
Apache Airflow<=2.2.3
pip/apache-airflow<2.2.4
In Apache Airflow, prior to version 2.2.4, some example DAGs did not properly sanitize user-provided params, making them susceptible to OS Command Injection from the web UI.
Apache Airflow<2.2.4
Apache Airflow>=1.10.0<=1.10.15
Apache Airflow>=2.0.0<2.2.0
The variable import endpoint was not protected by authentication in Airflow >=2.0.0, <2.1.3. This allowed unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, poten...
pip/apache-airflow>=2.0.0<2.1.3
Apache Airflow>=2.0.0<2.1.3
If remote logging is not used, the worker (in the case of CeleryExecutor) or the scheduler (in the case of LocalExecutor) runs a Flask logging server and is listening on a specific port and also binds...
Apache Airflow<2.1.2
pip/apache-airflow<2.1.2
Flask-AppBuilder is a development framework, built on top of Flask. User enumeration in database authentication in Flask-AppBuilder <= 3.2.3. Allows for a non authenticated user to enumerate existing ...
Flask-appbuilder Project Flask-appbuilder<=3.2.3
Apache Airflow=1.10.0

© 2024 SecAlerts Pty Ltd.