Lucene search
K

4 matches found

PyPA
PyPA
added 2026/06/01 9:16 a.m.13 views

PYSEC-2026-172

A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking e.g. nested password / token / secret / apikey keys inside a JSON template structure to be bypassed when the rendered field exceeded core maxtemplatedfieldlength: Airflow stringified the structure befor...

7.5CVSS5.8AI score0.00586EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2026/01/16 12:30 p.m.5 views

apache-airflow-core (>=3.1.0 <=3.1.5), apache-airflow-providers-common-compat (>=1.6.0 <=1.7.3rc1) +14 more potentially affected by CVE-2025-68438 via apache-airflow (>=3.1.0 <=3.1.5)

apache-airflow PYPI version =3.1.0, =3.1.0, =1.6.0, =1.5.3, =1.26.0, =2.0.2, =0.4.0, =1.1.0, =12.0.0rc1, =7.0.0rc1, =1.9.0rc1, =1.9.0rc2 - dkist-processing-test =1.37.0rc2 - dkist-processing-vbi =1.26.0rc1 and more Source cves: CVE-2025-68438 Source advisory: OSV:GHSA-3QMM-R55X-HPXX...

7.5CVSS5.4AI score0.00586EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/16 12:30 p.m.5 views

airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plugin (=1.5.0) +29 more potentially affected by CVE-2025-68438 via apache-airflow-task-sdk (>=1.0.0 <=1.1.6)

apache-airflow-task-sdk PYPI version =1.0.0, =0.7.0, =0.6.1, =1.10.7, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =3.12.0, =0.0.4, =0.0.6.dev1 and more Source cves: CVE-2025-68438 Source advisory: SNYK:PYTHON-APACHEAIRFLOWTASKSDK-15032537...

7.5CVSS7AI score0.00586EPSS
Exploits0
Circl
Circl
added 2026/01/15 8:40 p.m.6 views

CVE-2025-68438

creationtimestamp| type| source ---|---|--- 2026-01-15 20:40:30+00:00| seen| https://seclists.org/oss-sec/2026/q1/70 2026-01-15 22:02:11+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mcilk7q4om23 2026-01-16 11:20:06+00:00| seen|...

7.5CVSS4.8AI score0.00586EPSS
Exploits0References7
Rows per page
Query Builder