5 matches found
CVE-2026-30911
creationtimestamp| type| source ---|---|--- 2026-03-17 22:16:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbys2kvdk2x...
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plug (=1.6.2) +39 more potentially affected by CVE-2026-30911 via apache-airflow-core (>=3.0.0 <=3.1.8)
apache-airflow-core PYPI version =3.0.0, =0.7.0, =1.5.0, =0.6.1, =1.10.7, =0.6.0, =0.1.0, =1.4.3, =0.2.0, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =1.28.0rc1 and more Source cves: CVE-2026-30911 Source advisory: SNYK:PYTHON-APACHEAIRFLOWCORE-15674482...
apache-airflow-core (>=3.1.0 <=3.1.7), apache-airflow-providers-common-compat (>=1.6.0 <=1.7.3rc1) +14 more potentially affected by CVE-2026-30911 via apache-airflow (>=3.1.0 <=3.1.7)
apache-airflow PYPI version =3.1.0, =3.1.0, =1.6.0, =1.5.3, =1.26.0, =2.0.2, =0.4.0, =1.1.0, =12.0.0, =7.0.0, =1.15.0, =0.34.0, =1.9.0, =1.37.0, =1.26.0, =1.26.18rc1 and more Source cves: CVE-2026-30911 Source advisory: OSV:GHSA-8X34-9Q3V-H7G8...
apache-airflow-core (>=3.1.0 <=3.1.7), apache-airflow-providers-common-compat (>=1.6.0 <=1.7.3rc1) +14 more potentially affected by CVE-2026-30911 via apache-airflow (>=3.1.0 <=3.1.7)
apache-airflow PYPI version =3.1.0, =3.1.0, =1.6.0, =1.5.3, =1.26.0, =2.0.2, =0.4.0, =1.1.0, =12.0.0, =7.0.0, =1.15.0, =0.34.0, =1.9.0, =1.37.0, =1.26.0, =1.26.18rc1 and more Source cves: CVE-2026-30911 Source advisory: OSV:PYSEC-2026-17...
CVE-2026-30911 Apache Airflow: Execution API HITL Endpoints Missing Per-Task Authorization
Apache Airflow versions 3.1.0 through 3.1.7 missing authorization vulnerability in the Execution API's Human-in-the-Loop HITL endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance. Users are recommended to upgrade to...