2 matches found
PYSEC-2026-1131 Apache Airflow Celery provider Insertion of Sensitive Information into Log File vulnerability
Insertion of Sensitive Information into Log File vulnerability in Apache Airflow Celery provider, Apache Airflow. Sensitive information logged as clear text when rediss, amqp, rpc protocols are used as Celery result backend Note: the vulnerability is about the information exposed in the logs not...
PT-2021-15547 · Celery +2 · Celery +2
Name of the Vulnerable Software and Affected Versions: celery versions prior to 5.2.2 Description: The issue affects the package by default trusting messages and metadata stored in backends, which can lead to a stored command injection vulnerability when an attacker gains access to or manipulates...