VYPR

Airflow

by Apache

pypi: airflow

Source repositories

CVEs (142)

  • CVE-2026-42358 · Med · Jun 1, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    A bug in Apache Airflow's Variable response masker caused nested-key redaction (triggered by secret-suffixed key names like `password`, `token`, `secret`, `api_key`) to be bypassed when the JSON value's nesting depth exceeded the shared secrets masker's recursion limit: the…

  • CVE-2026-40861 · Med · Jun 1, 2026
    risk 0.35 · cvss 6.5 · epss 0.01

    A Dag author could either (a) create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process (read-path attack — e.g. `/etc/passwd` or `airflow.cfg`) or (b) supply a `task_id` containing `..` sequences accepted by the Task…

  • CVE-2026-45192 · Med · Jun 1, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    A bug in the GET `/api/v2/connections/{connection_id}` REST API endpoint in Apache Airflow allowed an authenticated UI/API user with Connection-read permission to retrieve secrets stored in a Connection's `extra` JSON blob under field names not present in the redaction allowlist…

  • CVE-2026-43826 · Med · May 11, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    The OpenSearch logging provider, when configured with a `host` URL that embeds credentials (for example `https://user:password@server.example.com:9200`), wrote the full host URL — including the embedded credentials — into task logs. Any user with task-log read permission…

  • CVE-2026-41018 · Med · May 11, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    The Elasticsearch logging provider, when configured with a `host` URL that embeds credentials (for example `https://user:password@server.example.com:9200`), wrote the full host URL — including the embedded credentials — into task logs. Any user with task-log read permission…

  • CVE-2026-25219 · Med · Apr 15, 2026
    risk 0.35 · cvss 6.5 · epss 0.01

    The `access_key` and `connection_string` connection properties were not marked as sensitive names in the secrets masker. This means that a user with read permission could see the values in the Connection UI, and when a Connection was accidentally written to logs, those values could be…

  • CVE-2026-34538 · Med · Apr 9, 2026
    risk 0.35 · cvss 6.5 · epss 0.01

    In Apache Airflow versions 3.0.0 through 3.1.8, the DagRun wait endpoint returns XCom result values even to users who only have DAG Run read permissions, such as the Viewer role. This behavior conflicts with the FAB RBAC model, which treats XCom as a separate protected resource, and with…

  • CVE-2017-12614 · Med · Aug 6, 2018
    risk 0.33 · cvss 6.1 · epss 0.02

    An XSS in certain 404 pages was noticed that could be exploited to perform a reflected XSS attack. Chrome will detect this as a reflected XSS attempt and prevent the page from loading. Firefox and other browsers don't, and are vulnerable to this attack. Mitigation: The fix for this is…

  • CVE-2026-49267 · Med · Jun 1, 2026
    risk 0.31 · cvss 5.9 · epss 0.00

    Apache Airflow's EmailOperator and the underlying `airflow.utils.email` helpers established SMTP STARTTLS connections without verifying the remote certificate when the deployment used `[email] smtp_starttls=True` without `[email] smtp_ssl`. An attacker positioned between the…

  • CVE-2026-41017 · Med · Jun 1, 2026
    risk 0.31 · cvss 5.9 · epss 0.00

    Apache Airflow's `JWTRefreshMiddleware` set the JWT auth cookie without the `Secure` flag, so deployments running the Airflow API server behind an HTTPS-terminating reverse proxy (e.g. nginx / Envoy / a managed load balancer that terminates TLS and forwards plaintext to the API…

  • CVE-2026-41016 · Med · Apr 30, 2026
    risk 0.31 · cvss 5.9 · epss 0.00

    Apache Airflow's SMTP provider `SmtpHook` called Python's `smtplib.SMTP.starttls()` without an SSL context, so no certificate validation was performed on the TLS upgrade. A man-in-the-middle between the Airflow worker and the SMTP server could present a self-signed certificate,…

  • CVE-2026-40948 · Med · Apr 18, 2026
    risk 0.28 · cvss 5.4 · epss 0.00

    The Keycloak authentication manager in `apache-airflow-providers-keycloak` did not generate or validate the OAuth 2.0 `state` parameter on the login / login-callback flow, and did not use PKCE. An attacker with a Keycloak account in the same realm could deliver a crafted…

  • CVE-2026-42526 · Med · May 19, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    In the AWS Secrets Manager and SSM Parameter Store secrets backends of `apache-airflow-providers-amazon` prior to 9.28.0, the team-scoping logic could resolve a `conn_id` containing a `/` (e.g. `"my_team/conn"`) to the same path as another team's team-scoped secret when the…

  • CVE-2026-46764 · Med · Jun 1, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    The Event Log detail endpoint `GET /api/v2/eventLogs/{event_log_id}` in Apache Airflow fetched audit-log rows directly by numeric ID after only the generic Audit Log permission check, while the collection endpoint `GET /api/v2/eventLogs` applied per-Dag scoping. An authenticated…

  • CVE-2026-41014 · Med · Jun 1, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    The partitioned_dag_runs endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with global Asset:read permission could enumerate partition run state, schedule configuration, and asset wiring for Dags they…

  • CVE-2026-40690 · Med · Apr 24, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    The asset dependency graph did not restrict nodes by the viewer's DAG read permissions: a user with read access to at least one DAG could browse the asset graph for any other asset in the deployment and learn the existence and names of DAGs and assets outside their authorized…

  • CVE-2026-38743 · Med · Apr 24, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    The authenticated /ui/dags endpoint did not enforce per-DAG access control on embedded Human-in-the-Loop (HITL) and TaskInstance records: a logged-in Airflow user with read access to at least one DAG could retrieve HITL prompts (including their request parameters) and full…

  • CVE-2026-32690 · Low · Apr 18, 2026
    risk 0.17 · cvss 3.7 · epss 0.00

    Secrets in Variables saved as JSON dictionaries were not properly redacted: when these variables were retrieved by the user, the secrets stored as nested fields were not masked. If you do not store variables with sensitive values in JSON form, you are not affected. Otherwise…

  • CVE-2020-11978 · KEV · Jul 16, 2020
    risk 0.16 · cvss n/a · epss 0.99

    An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow…

  • CVE-2026-45426 · Low · Jun 1, 2026
    risk 0.13 · cvss 3.1 · epss 0.00

    Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid Log-server JWT issued for at least one Dag. Apache Airflow's Log server authorized JWT tokens against Dag IDs by applying Python's `str.lstrip()` to the requested path segment when…

Page 2 of 8