airflow-2-compat vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the airflow-2-compat package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L Improper Verification of Cryptographic Signature	<2.11.2-r0
H Improper Validation of Integrity Check Value	<2.11.2-r0
M Not Failing Securely ('Failing Open')	<2.11.2-r0
M Information Exposure	<2.11.2-r0
C Buffer Overflow	<2.11.2-r0
L Information Exposure	<2.11.2-r0
L Arbitrary Code Injection	<2.11.2-r0
L GHSA-72hv-8253-57qq	*
L Origin Validation Error	<2.11.2-r0
C Improper Verification of Cryptographic Signature	<2.11.2-r0
L Insufficient Verification of Data Authenticity	<2.11.2-r0
L GHSA-78cv-mqj4-43f7	<2.11.2-r0
L Improper Control of Dynamically-Managed Code Resources	<2.11.2-r0
H Resource Exhaustion	<2.11.2-r0
L Information Exposure Through Log Files	<2.11.2-r0
L CVE-2026-2473	<2.11.2-r0
L CVE-2026-2472	<2.11.2-r0
M Information Exposure Through Caching	*
M Declaration of Catch for Generic Exception	<2.11.2-r0
L GHSA-27jp-wm6q-gp25	<2.11.2-r0
M Improper Handling of Windows Device Names	<2.11.2-r0
L Information Exposure	*
M CVE-2026-26007	<2.11.2-r0
L CVE-2026-1703	*
L CVE-2026-0994	<2.11.2-r0
M Directory Traversal	*
M Allocation of Resources Without Limits or Throttling	<2.11.2-r0
H Improper Handling of Highly Compressed Data (Data Amplification)	<2.11.2-r0
H Allocation of Resources Without Limits or Throttling	<2.11.2-r0
H Cross-site Request Forgery (CSRF)	<2.11.2-r0
M Logging of Excessive Data	<2.11.2-r0
M HTTP Request Smuggling	<2.11.2-r0
L Incomplete Blacklist	<2.11.2-r0
L Allocation of Resources Without Limits or Throttling	<2.11.2-r0
L Link Following	<2.11.2-r0
M HTTP Request Smuggling	<2.11.2-r0
H Loop with Unreachable Exit Condition ('Infinite Loop')	<2.11.2-r0
L Improper Handling of Highly Compressed Data (Data Amplification)	<2.11.2-r0
M Directory Traversal	<2.11.2-r0
L Information Exposure Through Log Files	<2.11.2-r0
H Deserialization of Untrusted Data	<2.11.2-r0
L Link Following	<2.11.2-r0
M Improper Certificate Validation	<2.11.2-r0
L Asymmetric Resource Consumption (Amplification)	<2.11.2-r0
M Link Following	<2.11.2-r0
H Improper Handling of Highly Compressed Data (Data Amplification)	<2.11.2-r0
H Allocation of Resources Without Limits or Throttling	<2.11.2-r0
M Improper Handling of Windows Device Names	<2.11.2-r0
L Insecure Default Initialization of Resource	<2.11.2-r0
L Arbitrary Code Injection	<2.11.2-r0
M Open Redirect	<2.11.2-r0
M Open Redirect	<2.11.2-r0
H Out-of-bounds Write	<2.11.2-r0
M Directory Traversal	<2.11.2-r0
L CVE-2025-8869	*
L Improper Authentication	*
M Open Redirect	*
L CVE-2024-34069	<2.11.2-r0
H Resource Exhaustion	<2.11.2-r0

Vulnerability

Vulnerable Version

Improper Verification of Cryptographic Signature

<2.11.2-r0