25 matches found

OSV
added 2026/06/05 5:40 a.m. | 6 views

BIT-AIRFLOW-2026-42252 Apache Airflow: BashOperator Jinja2 injection via dag_run.conf — low-privilege user pattern

Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}") example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...

CVSS 9.1 | AI score 5.6 | EPSS 0.00369
Exploits 0 | References 3
RedhatCVE
added 2026/06/02 10:03 p.m. | 11 views

CVE-2026-42252

Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}") example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...

CVSS 9.1 | AI score 5.8 | EPSS 0.00369
Exploits 0 | References 1
PyPA
added 2026/06/01 9:16 a.m. | 8 views

PYSEC-0000-CVE-2026-42252

Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}") example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...

CVSS 9.1 | AI score 5.8 | EPSS 0.00369
Exploits 0 | References 2 | Affected Software 1
PyPA
added 2026/06/01 9:16 a.m. | 7 views

PYSEC-2026-184

Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}") example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...

CVSS 9.1 | AI score 5.8 | EPSS 0.00369
Exploits 0 | References 2 | Affected Software 1
Vulnrichment
added 2026/06/01 7:51 a.m. | 8 views

CVE-2026-42252 Apache Airflow: BashOperator Jinja2 injection via dag_run.conf — low-privilege user pattern

Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}") example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...

AI score 5.8 | EPSS 0.00369
Exploits 0 | References 2
Cvelist
added 2026/06/01 7:51 a.m. | 37 views

CVE-2026-42252 Apache Airflow: BashOperator Jinja2 injection via dag_run.conf — low-privilege user pattern

Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}") example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...

EPSS 0.00369
Exploits 0 | References 2
CVE
added 2026/06/01 7:51 a.m. | 51 views

CVE-2026-42252

CVE-2026-42252 affects Apache Airflow. The issue stems from a documentation example in core-concepts/dag-run.html that used a BashOperator invocation without proper quoting, creating a pattern vulnerable to shell-metacharacter injection via dag_run.conf. In deployments where Dag.can_trigger is av...

CVSS 9.1 | AI score 5.8 | EPSS 0.00369
Exploits 0 | References 2 | Affected Software 1
Positive Technologies
added 2026/06/01 12:00 a.m. | 13 views

PT-2026-45368

Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}") example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...

CVSS 9.1 | AI score 5.8 | EPSS 0.00369
Exploits 0 | References 6
Github Security Blog
added 2026/04/16 3:31 p.m. | 6 views

Apache Airflow: RCE by race condition in example_xcom dag

The example_xcom example that was included in the Airflow documentation implemented an unsafe pattern of reading a value from XCom in a way that could be exploited to allow a UI user who had access to modify XComs to perform arbitrary execution of code on the worker. Since the UI users are already highly...

CVSS 8.1 | AI score 5.9 | EPSS 0.00579
Exploits 0 | References 5 | Affected Software 1
Positive Technologies
added 2026/04/15 12:00 a.m. | 1 view

PT-2026-32992

Name of the Vulnerable Software and Affected Versions: Apache Airflow, affected versions not specified. Description: An example named 'example_xcom' in the documentation implemented an unsafe pattern for reading values from XCom. This could allow a UI user with permissions to modify XComs to execute...

CVSS 8.1 | AI score 6.2 | EPSS 0.00579
Exploits 0 | References 9
NVD
added 2025/12/16 4:16 p.m. | 4 views

CVE-2025-68316

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value. After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode, which can be 0 (SUCCESS) or 1 (FAILURE). Upon failure during driver probe, the error code...

EPSS 0.00158
Exploits 0 | References 2
EUVD
added 2025/10/03 8:07 p.m. | 3 views

EUVD-2022-2123

Malicious code in bioql (PyPI)...

CVSS 5.3 | AI score 5.8 | EPSS 0.06198
Exploits 0 | References 44
SUSE CVE
added 2025/03/25 4:01 p.m. | 3 views

SUSE CVE-2025-2723

REJECT: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The code maintainer explains that "the call is invalid as the buffer pointed to by "data" must have "len" valid bytes."...

AI score 7.3
Exploits 0 | References 3
OSV
added 2025/01/11 12:25 p.m. | 6 views

CVE-2024-48876 stackdepot: fix stack_depot_save_flags() in NMI context

In the Linux kernel, the following vulnerability has been resolved: stackdepot: fix stack_depot_save_flags() in NMI context. Per documentation, stack_depot_save_flags() was meant to be usable from NMI context if STACK_DEPOT_FLAG_CAN_ALLOC is unset. However, it still would try to take the pool_lock in an attempt ...

CVSS 5.5 | AI score 5.8 | EPSS 0.00138
Exploits 0 | References 5
OSV
added 2023/05/04 9:29 p.m. | 4 views

CLSA-2023-1683235759 Fix CVE(s): CVE-2022-3996, CVE-2023-0464, CVE-2023-0466

SECURITY UPDATE: Excessive resource use verifying X.509 policy constraints - debian/patches/CVE-2023-0464.patch: Limit X.509 certificate tree size to avoid exponential use of computational resources - CVE-2023-0464 SECURITY UPDATE: Incorrectly documented X509_VERIFY_PARAM_add0_policy -...

CVSS 7.5 | AI score 7 | EPSS 0.03658
Exploits 0 | References 1
Oracle linux
added 2023/01/13 12:00 a.m. | 47 views

kernel security and bug fix update

4.18.0-425.10.1.OL8 - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and...

CVSS 7.8 | AI score 0.1 | EPSS 0.00294
Exploits 0
OSV
added 2022/12/15 12:20 p.m. | 8 views

SUSE-SU-2022:4501-1 Security update for ceph

This update for ceph fixes the following issues: ceph was updated to the Pacific release 16.2.9-536-g41a9f9a5573: + bsc#1195359, bsc#1200553 rgw: check bucket shard init status in RGWRadosBILogTrimCR + bsc#1194131 ceph-volume: honour osd_dmcrypt_key_size option (CVE-2021-3979) + bsc#1200064, Remove last...

CVSS 6.5 | AI score 6.5 | EPSS 0.0042
Exploits 0 | References 12
OSV
added 2021/04/14 5:08 p.m. | 5 views

SUSE-SU-2021:14693-1 Security update for util-linux

This update for util-linux fixes the following issues: - CVE-2015-5218: Prevent colcrt buffer overflow (bsc#949754). These non-security issues were fixed: - Mount crashes when trying to mount shmfs while SELinux is active (bsc#1040414). - Fix lsblk -f on CCISS and other devices with nodes in /dev...

CVSS 2.1 | AI score 9.6 | EPSS 0.00612
Exploits 1 | References 12
Tenable Nessus
added 2020/06/17 12:00 a.m. | 38 views

SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1501-1)

This update for qemu fixes the following issues: Security issues fixed: CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp (bsc#1170940). CVE-2019-20382: Fixed a potential DoS due to a memory leak in VNC disconnect (bsc#1165776). CVE-2020-1711: Fixed a potential OOB access in the...

CVSS 7.8 | AI score 6.4 | EPSS 0.04018
Exploits 1 | References 19
UbuntuCve
added 2020/01/28 3:15 p.m. | 21 views

CVE-2013-1437

Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value...

CVSS 9.8 | AI score 7.6 | EPSS 0.02943
Exploits 0 | References 1