VYPR

Apache Airflow Providers Opensearch

by Apache

Source repositories

CVEs (3)

  • CVE-2026-43826MedMay 11, 2026
    risk 0.35cvss 6.5epss 0.00

    The OpenSearch logging provider, when configured with a `host` URL that embeds credentials (for example `https://user:password@server.example.com:9200`), wrote the full host URL — including the embedded credentials — into task logs. Any user with task-log read permission…

  • CVE-2023-35798Jun 27, 2023
    risk 0.00cvss epss 0.01

    Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.This vulnerability is considered low since it requires DAG code to use `get_sqlalchemy_connection` and someone with access to…

  • CVE-2023-34395Jun 27, 2023
    risk 0.00cvss epss 0.01

    Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Software Foundation Apache Airflow ODBC Provider. In OdbcHook, A privilege escalation vulnerability exists in a system due to controllable ODBC driver parameters that allow…