Lucene search
K

5 matches found

PyPA
PyPA
added 2026/05/25 10:16 a.m.24 views

PYSEC-2026-166

Apache Airflow providers-google's ComputeEngineSSHHook disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attackers who can intercept or modify the session. Users are advised to upgrade to...

8.1CVSS5.8AI score0.0059EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/25 9:34 a.m.49 views

CVE-2026-45361 Apache Airflow Google provider: SSH host key verification disabled in ComputeEngineSSHHook (paramiko AutoAddPolicy default)

Apache Airflow providers-google's ComputeEngineSSHHook disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attackers who can intercept or modify the session. Users are advised to upgrade to...

0.0059EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/25 9:34 a.m.15 views

CVE-2026-45361 Apache Airflow Google provider: SSH host key verification disabled in ComputeEngineSSHHook (paramiko AutoAddPolicy default)

Apache Airflow providers-google's ComputeEngineSSHHook disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attackers who can intercept or modify the session. Users are advised to upgrade to...

5.8AI score0.0059EPSS
Exploits0References2
CVE
CVE
added 2026/05/25 9:34 a.m.32 views

CVE-2026-45361

CVE-2026-45361 affects the Apache Airflow Google provider: ComputeEngineSSHHook disables SSH host-key verification by default, allowing an attacker on-path to intercept or modify SSH sessions between an Airflow worker and a Compute Engine VM. The vulnerability is tied to the ComputeEngineSSHHook ...

8.1CVSS5.8AI score0.0059EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 5:28 a.m.5 views

CVE-2023-25692

Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0...

7.5CVSS6.9AI score0.01826EPSS
Exploits0References1
Rows per page
Query Builder