25 matches found

Veracode
added 2024/08/22 6:55 a.m. | 11 views

Cross Site Scripting (XSS)

apache-airflow is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to the ability of a malicious provider to execute a script when a user clicks on a provider documentation link in docs.py, provided the provider is installed on the web server, which allows an attacker to exploi...

CVSS 6.1 | AI score 7.1 | EPSS 0.00852
Exploits 0 | References 5 | Affected Software 1
Veracode
added 2024/08/12 8:21 a.m. | 20 views

Unauthorized Access

apache-airflow is vulnerable to Unauthorized Access. The vulnerability is due to the lack of default authentication in the Experimental API, which allows API requests without verification, resulting in sensitive information exposure...

CVSS 9.8 | AI score 6.4 | EPSS 0.94104
Exploits 8 | References 9 | Affected Software 1
Veracode
added 2024/04/03 11:33 a.m. | 25 views

Missing Authentication

apache-airflow is vulnerable to Missing Authentication. The vulnerability, due to a lack of authentication enforcement on the lineage endpoint of the deprecated Experimental API, allows unauthenticated users to access the endpoint, potentially exposing metadata about a Directed Acyclic Graph (DAG) and...

CVSS 5.3 | AI score 6.9 | EPSS 0.02459
Exploits 0 | References 11 | Affected Software 1
Veracode
added 2024/04/03 9:48 a.m. | 34 views

Information Disclosure

apache-airflow is vulnerable to Information Disclosure. The vulnerability is due to an insecure umask configuration in numerous Airflow components when running with the --daemon flag, resulting in a race condition that sets files within the airflow home directory world-writable...

CVSS 4.7 | AI score 6.5 | EPSS 0.00274
Exploits 0 | References 9 | Affected Software 1
Veracode
added 2023/12/22 6:02 a.m. | 15 views

Improper Access Control

apache-airflow is vulnerable to Improper Access Control. The vulnerability is due to the variables_import function within variable_command.py and the varimport function within views.py. These functions lack permission checks and have inadequate handling of existing variables during imports, allowing...

CVSS 6.5 | AI score 6.6 | EPSS 0.00041
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2023/12/22 5:27 a.m. | 16 views

Cross-Site Request Forgery (CSRF)

apache-airflow is vulnerable to Cross-Site Request Forgery. The vulnerability is due to the trigger function in views.py, which accepts HTTP GET requests for triggering DAGs. An attacker can exploit this by creating a malicious website/URL that sends unauthorized GET requests to trigger DAGs in...

CVSS 6.5 | AI score 6.8 | EPSS 0.00239
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2023/10/16 1:12 p.m. | 19 views

Privilege Escalation

apache-airflow is vulnerable to Privilege Escalation. The vulnerability is due to the requires_access_decorator function in auth.py, which does not check if a user has the required permissions to access certain DAGs. This allows an attacker to manipulate DAGs beyond their permission scope. This can lead...

CVSS 6.5 | AI score 6.7 | EPSS 0.00582
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2023/09/15 9:56 a.m. | 17 views

Incorrect Authorization

apache-airflow is vulnerable to Incorrect Authorization. The vulnerability is caused by a missing read-only validation rule for all fields (e.g. start_date, end_date, run_id, dag_id, state) except the note field while editing/modifying DAG (Directed Acyclic Graph) run detail values. This can lead to...

CVSS 4.3 | AI score 6.7 | EPSS 0.00124
Exploits 0 | References 5 | Affected Software 1
Veracode
added 2023/08/25 9:36 a.m. | 15 views

Improper Certificate Validation

apache-airflow is vulnerable to Improper Certificate Validation. The software does not properly validate SMTP certificates, which could allow an attacker to present a malicious certificate to the client which could be used to impersonate a legitimate mail server, allowing the attacker to steal mai...

CVSS 5.9 | AI score 6.7 | EPSS 0.00255
Exploits 0 | References 9 | Affected Software 3
Veracode
added 2023/08/25 8:52 a.m. | 21 views

Denial Of Service (DoS)

apache-airflow is vulnerable to Denial Of Service (DoS) attacks. The vulnerability can be exploited by an authenticated user with edit connection privileges, allowing them to send a large number of test connection requests, which can eventually exhaust the server's resources and cause a DoS...

CVSS 8.1 | AI score 6.7 | EPSS 0.00189
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2023/07/18 11:52 a.m. | 19 views

Denial Of Service (DoS)

apache-airflow is vulnerable to Denial Of Service (DoS). The vulnerability exists because the DagRun.run_id parameter is not properly sanitized, which allows an attacker to cause an application crash by manipulating the run_id parameter...

CVSS 6.5 | AI score 6.8 | EPSS 0.00151
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2023/07/14 9:36 a.m. | 32 views

Path Traversal

apache-airflow is vulnerable to Path Traversal. The vulnerability exists because the DagRun.run_id parameter is not properly sanitized, which allows an attacker to gain access to unauthorized files outside the intended directory...

CVSS 6.5 | AI score 7 | EPSS 0.00639
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2023/07/13 9:48 a.m. | 19 views

Missing Authorization

apache-airflow is vulnerable to Missing Authorization. The vulnerability exists in the decorated function of auth.py due to missing authorization checks, which allows a remote attacker to acquire read access to a DAG through the URL...

CVSS 6.5 | AI score 6.6 | EPSS 0.00212
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2023/05/10 1:11 a.m. | 21 views

Privilege Escalation

apache-airflow is vulnerable to Privilege Escalation. The vulnerability is due to the File Task Handler failing to apply different permissions to logs generated by Airflow. To address impersonation, the File Task Handler should grant varied permissions to log files generated by Airflow. The...

CVSS 9.8 | AI score 8.9 | EPSS 0.00499
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2023/05/10 12:28 a.m. | 22 views

Stored Cross-Site Scripting (XSS)

apache-airflow is vulnerable to Stored Cross-Site Scripting (XSS) attacks. The library uses template literals to construct HTML elements, which allows an attacker to execute malicious JavaScript in the victim's browser through XSS payloads stored on the application server...

CVSS 5.4 | AI score 4.8 | EPSS 0.00524
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2023/03/16 6:18 a.m. | 22 views

Information Disclosure

apache-airflow is vulnerable to Information Disclosure. A remote attacker is able to gain access to unauthorized information through error messages via the show_traceback function in views.py, resulting in the disclosure of sensitive information...

CVSS 5.3 | AI score 5.5 | EPSS 0.01026
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2022/11/15 11:49 a.m. | 21 views

Information Disclosure

apache-airflow is vulnerable to information disclosure. The vulnerability is due to get_rendered_template_fields of taskinstance.py: secrets are rendered in the UI when the task has not executed, which allows an attacker to view unmasked secrets in the rendered template values...

CVSS 7.5 | AI score 6.9 | EPSS 0.01636
Exploits 0 | References 5 | Affected Software 1
Veracode
added 2022/11/03 4:42 a.m. | 32 views

Cross-Site Scripting (XSS)

apache-airflow is vulnerable to cross-site scripting. The vulnerability is due to the origin query argument in the get_safe_url function of views.py, which allows an attacker to inject and execute arbitrary scripts...

CVSS 6.1 | AI score 6.2 | EPSS 0.02904
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2022/10/11 8:25 p.m. | 24 views

Improper Authorization

apache-airflow is vulnerable to improper authorization. A deactivated user is able to continue using the UI or the API with an already authenticated session due to insufficient checks in the create_app function...

CVSS 8.1 | AI score 7.7 | EPSS 0.00339
Exploits 0 | References 3 | Affected Software 1
Veracode
added 2022/09/23 9:00 a.m. | 21 views

Information Disclosure

apache-airflow is vulnerable to information disclosure. The vulnerability exists in the read function of file_task_handler.py due to the use of an externally controlled format string, which allows an attacker to extract information from the system...

CVSS 7.5 | AI score 6.9 | EPSS 0.00676
Exploits 0 | References 4 | Affected Software 1