9 matches found
CVE-2025-24794 vulnerabilities
Vulnerabilities for packages: datadog-agent, datadog-agent-fips, airflow...
CVE-2024-45033 vulnerabilities
Vulnerabilities for packages: airflow...
CVE-2024-49750 vulnerabilities
Vulnerabilities for packages: datadog-agent, datadog-agent-fips, airflow...
CVE-2024-21272 vulnerabilities
Vulnerabilities for packages: airflow...
GHSA-C392-WHPC-VFPR vulnerabilities
Vulnerabilities for packages: airflow...
GHSA-J482-47XF-P25C vulnerabilities
Vulnerabilities for packages: airflow...
PYSEC-2023-266
Apache Airflow, version 2.7.0 through 2.7.3, has a vulnerability that allows an attacker to trigger a DAG in a GET request without CSRF validation. As a result, it was possible for a malicious website opened in the same browser - by the user who also had Airflow UI opened - to trigger the executi...
The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow, related to improper authorization, allows a perpetrator to disclose protected information.
The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow is related to improper authorization. Exploiting this vulnerability allows a malicious actor, operating remotely, to expose sensitive information through a specially created URL...
The vulnerability of the software responsible for creating, monitoring, and orchestrating data processing scripts in Airflow lies in its ability to restore unreliable data structures in memory, allowing an attacker to execute arbitrary code or cause service failures.
The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow is related to the restoration of unreliable data structures in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures...