Airflow providers-google
by Apache
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45361 | 0.00 | — | — | May 25, 2026 | Apache Airflow providers-google's `ComputeEngineSSHHook` disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attackers who can intercept or modify the session. Users are advised to upgrade to… | |||
| CVE-2023-25692 | 0.00 | — | 0.02 | Feb 24, 2023 | Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0. | |||
| CVE-2023-25691 | 0.00 | — | 0.01 | Feb 24, 2023 | Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0. |
- CVE-2026-45361May 25, 2026risk 0.00cvss —epss —
Apache Airflow providers-google's `ComputeEngineSSHHook` disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attackers who can intercept or modify the session. Users are advised to upgrade to…
- CVE-2023-25692Feb 24, 2023risk 0.00cvss —epss 0.02
Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0.
- CVE-2023-25691Feb 24, 2023risk 0.00cvss —epss 0.01
Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0.