Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2026/04/18 9:30 a.m.5 views

airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plug (=1.6.2) +39 more potentially affected by CVE-2026-25917 via apache-airflow-core (>=3.0.0 <=3.1.8rc2)

apache-airflow-core PYPI version =3.0.0, =0.7.0, =1.5.0, =0.6.1, =1.10.7, =0.6.0, =0.1.0, =1.4.3, =0.2.0, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =1.28.0rc1 and more Source cves: CVE-2026-25917 Source advisory: OSV:GHSA-6FFJ-2WG2-W45J...

7.2CVSS5.7AI score0.00822EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/18 9:30 a.m.8 views

airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plug (=1.6.2) +39 more potentially affected by CVE-2026-25917 via apache-airflow-core (>=3.0.0 <=3.1.8rc2)

apache-airflow-core PYPI version =3.0.0, =0.7.0, =1.5.0, =0.6.1, =1.10.7, =0.6.0, =0.1.0, =1.4.3, =0.2.0, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =1.28.0rc1 and more Source cves: CVE-2026-25917 Source advisory: SNYK:PYTHON-APACHEAIRFLOWCORE-16119148...

7.2CVSS5.7AI score0.00822EPSS
Exploits0
OSV
OSV
added 2026/04/18 6:20 a.m.3 views

CVE-2026-25917 Apache Airflow: API extra-links triggers XCom deserialization/class instantiation (Airflow 3.1.5)

Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, severity of this issue is Low. Users are recommended to upgrade to Apache Airflow 3.2.0,...

7.2CVSS6.2AI score0.00822EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/18 6:20 a.m.4 views

CVE-2026-25917 Apache Airflow: API extra-links triggers XCom deserialization/class instantiation (Airflow 3.1.5)

Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, severity of this issue is Low. Users are recommended to upgrade to Apache Airflow 3.2.0,...

6AI score0.00822EPSS
Exploits0References2
Rows per page
Query Builder