110 matches found
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: falcoctl, coder, rootlesskit-fips, docker-fips, keda-fips, minio-fips, crossplane-provider-aws-scheduler, upwind-agent, trivy, spire-server, crossplane-provider-azure-managedidentity, crossplane-provider-aws-backup, crossplane-provider-aws-ec2-fips,...
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: cri-tools, falcoctl, kiali-fips, aws-fsx-csi-driver-fips, docker-fips, flux-image-reflector-controller-fips, kgateway, datadog-operator-fips, trivy, crossplane-provider-azure-managedidentity, opensearch-datasource-fips, terraform-provider-google-fips,...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: cri-tools, falcoctl, kiali-fips, aws-fsx-csi-driver-fips, docker-fips, flux-image-reflector-controller-fips, kgateway, datadog-operator-fips, trivy, crossplane-provider-azure-managedidentity, opensearch-datasource-fips, terraform-provider-google-fips,...
CVE-2026-25219
The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...
CVE-2026-41889 vulnerabilities
Vulnerabilities for packages: step-ca, wal-g, gotrue, certificate-transparency-fips, keda-fips, argo-workflows-fips, spire-server, opentelemetry-collector-contrib-fips, steampipe, telegraf, ferretdb, openbao, spicedb-fips, teleport, trillian, caddy, kube-bench, sftpgo-plugin-eventstore,...
BIT-AIRFLOW-2026-25219 Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access
The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...
EUVD-2026-22921
The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...
GHSA-4G48-54Q2-FG7Q Apache Airlfow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access
The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidently logged to logs, those values could be seen in the logs. Azure...
Apache Airlfow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access
The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidently logged to logs, those values could be seen in the logs. Azure...
CVE-2026-25219
The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...
CVE-2026-25219 Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access
The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...
CVE-2026-25219
CVE-2026-25219 affects Apache Airflow. The vulnerability arises because the access_key and connection_string fields were not marked as sensitive in secrets masker, enabling users with read access to view these values in the UI and potentially in logs. The documented remediation is to upgrade Airf...
CVE-2026-25219
The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...
CVE-2026-25219 Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access
The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...
PT-2026-33058
Name of the Vulnerable Software and Affected Versions Airflow versions prior to 3.1.8 Description The secrets masker failed to mark the access key and connection string connection properties as sensitive. This allows users with read permissions to view these values in the Connection UI...
EUVD-2024-40746
Malicious code in bioql PyPI...
EUVD-2023-25699
Malicious code in bioql PyPI...
EUVD-2025-0201
Malicious code in bioql PyPI...
EUVD-2023-32007
Malicious code in bioql PyPI...
EUVD-2023-40788
Malicious code in bioql PyPI...