airflow-2 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the airflow-2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
L Allocation of Resources Without Limits or Throttling	<2.11.0-r19
L HTTP Request Smuggling	<2.11.0-r19
L HTTP Request Smuggling	<2.11.0-r19
L GHSA-fh55-r93g-j68g	<2.11.0-r19
L GHSA-6jhg-hg63-jvvf	<2.11.0-r19
L Allocation of Resources Without Limits or Throttling	<2.11.0-r19
L Loop with Unreachable Exit Condition ('Infinite Loop')	<2.11.0-r19
L GHSA-mqqc-3gqh-h2x8	<2.11.0-r19
L Directory Traversal	<2.11.0-r19
L GHSA-jj3x-wxrx-4x23	<2.11.0-r19
L GHSA-69f9-5gxw-wvc2	<2.11.0-r19
L Improper Handling of Highly Compressed Data (Data Amplification)	<2.11.0-r19
L GHSA-g84x-mcqj-x9qq	<2.11.0-r19
L GHSA-6mq8-rvhq-8wgg	<2.11.0-r19
L Logging of Excessive Data	<2.11.0-r19
L GHSA-54jq-c3m8-4m76	<2.11.0-r19
L GHSA-428g-f7cq-pgp5	<2.11.0-r18
L Asymmetric Resource Consumption (Amplification)	<2.11.0-r18
L Link Following	<2.11.0-r17
L GHSA-w853-jp5j-5j7f	<2.11.0-r17
H Improper Handling of Highly Compressed Data (Data Amplification)	<2.11.0-r16
L GHSA-gm62-xv2j-4w53	<2.11.0-r16
L GHSA-2xpw-w6gg-jr37	<2.11.0-r16
H Allocation of Resources Without Limits or Throttling	<2.11.0-r16
L GHSA-r397-ff8c-wv2g	<2.11.0-r15
L External Control of File Name or Path	<2.11.0-r15
L CVE-2025-8869	<2.11.0-r14
L GHSA-4xh5-x5gv-qwph	<2.11.0-r14
L CRLF Injection	<2.11.0-r12
L GHSA-847f-9342-265h	<2.11.0-r12
M Open Redirect	<2.11.0-r5
L GHSA-48p4-8xcf-vxj5	<2.11.0-r5
M Open Redirect	<2.11.0-r5
L GHSA-pq67-6m6q-mj2v	<2.11.0-r5