airflow-3 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the airflow-3 package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
L GHSA-38jv-5279-wg99	<3.1.5-r3
L Improper Handling of Highly Compressed Data (Data Amplification)	<3.1.5-r3
L GHSA-hgf8-39gv-g3f2	<3.1.3-r0
M Improper Handling of Windows Device Names	<3.1.3-r0
L Asymmetric Resource Consumption (Amplification)	<3.1.5-r1
L GHSA-428g-f7cq-pgp5	<3.1.5-r1
L GHSA-w853-jp5j-5j7f	<3.1.5-r0
L Link Following	<3.1.5-r0
L GHSA-gm62-xv2j-4w53	<3.1.4-r0
L GHSA-2xpw-w6gg-jr37	<3.1.4-r0
H Allocation of Resources Without Limits or Throttling	<3.1.4-r0
H Improper Handling of Highly Compressed Data (Data Amplification)	<3.1.4-r0
L External Control of File Name or Path	<3.1.0-r3
L GHSA-r397-ff8c-wv2g	<3.1.0-r3
L GHSA-847f-9342-265h	<3.0.6-r0
L CRLF Injection	<3.0.6-r0
L GHSA-2c2j-9gv5-cj73	<3.0.3-r3
L Allocation of Resources Without Limits or Throttling	<3.0.3-r3
L GHSA-pq67-6m6q-mj2v	<3.0.2-r2
L GHSA-48p4-8xcf-vxj5	<3.0.2-r2
M Open Redirect	<3.0.2-r2
M Open Redirect	<3.0.2-r2
L GHSA-7cx3-6m66-7c5m	<3.0.1-r1
L Function Call With Incorrect Order of Arguments	<3.0.1-r1
L GHSA-4grg-w6v8-c28g	<3.0.1-r1
L GHSA-r244-wg5g-6w2r	<3.0.1-r1
M Open Redirect	<3.0.1-r1
L GHSA-99pm-ch96-ccp2	<3.0.1-r1
L Insufficiently Protected Credentials	<3.0.1-r1
L GHSA-9hjg-9r4m-mvj7	<3.0.1-r1
L Allocation of Resources Without Limits or Throttling	<3.0.1-r1
L CVE-2025-5279	<3.0.1-r1