Homepage

airflow

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the airflow package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
GHSA-2vpq-fh52-j3wv

<2.10.5-r0
  • L
HTTP Request Smuggling

<2.10.5-r43
  • L
GHSA-vqfr-h8mv-ghfj

<2.10.5-r43
  • L
CVE-2024-12745

<2.10.4-r2
  • H
Improper Neutralization

<2.10.4-r2
  • L
Deserialization of Untrusted Data

<2.10.5-r0
  • L
SQL Injection

<2.10.5-r0
  • L
GHSA-m4f6-vcj4-w5mx

<2.10.5-r0
  • L
GHSA-r2x6-cjg7-8r43

<2.10.5-r0
  • L
GHSA-q2x7-8rv6-6q7h

<2.10.4-r2
  • L
Incorrect Default Permissions

<2.10.5-r0
  • L
Information Exposure

<2.10.3-r0
  • L
GHSA-gmj6-6f8f-6699

<2.10.4-r2
  • L
Insufficient Session Expiration

<2.10.4-r2
  • L
GHSA-8gc2-vq6m-rwjw

<2.10.4-r2
  • L
GHSA-j857-2pwm-jjmm

<2.10.3-r0
  • H
CVE-2024-52304

<2.10.3-r2
  • L
Resource Exhaustion

<2.10.3-r2
  • L
CVE-2024-45034

<2.10.1-r0
  • L
GHSA-c392-whpc-vfpr

<2.10.1-r0
  • L
GHSA-8495-4g3g-x7pr

<2.10.3-r2
  • L
GHSA-27mf-ghqm-j3j8

<2.10.3-r2
  • L
Allocation of Resources Without Limits or Throttling

<2.10.5-r44
  • L
GHSA-8w49-h785-mj3c

<2.10.3-r2
  • L
SQL Injection

<2.10.5-r3
  • L
Missing Release of Resource after Effective Lifetime

<2.10.3-r2
  • L
GHSA-hhm6-jjf4-6pm3

<2.10.5-r3
  • L
GHSA-8863-4qmg-fr45

<2.10.4-r2
  • L
GHSA-92xg-gmrq-5c3w

<2.10.1-r0
  • L
CVE-2025-5279

<2.11.0-r1
  • L
GHSA-7cx3-6m66-7c5m

<2.10.5-r44
  • L
Improper Encoding or Escaping of Output

<2.10.1-r0
  • L
GHSA-r244-wg5g-6w2r

<2.11.0-r1
  • L
CVE-2024-12797

<2.10.5-r1
  • L
Protection Mechanism Failure

<2.10.4-r2
  • L
GHSA-79v4-65xg-pq4g

<2.10.5-r1
  • M
Information Exposure Through Log Files

<2.10.2-r1
  • L
GHSA-fw5r-6m3x-rh7p

<2.10.3-r0
  • H
CVE-2024-21272

<2.10.2-r1
  • M
CVE-2024-45314

<2.10.3-r0
  • L
GHSA-hgjp-83m4-h4fj

<2.10.2-r1
  • L
GHSA-5vvg-pvhp-hv2m

<2.10.2-r1
  • M
Cross-site Scripting (XSS)

<2.10.0-r0
  • M
CVE-2024-42367

<2.9.3-r2
  • C
Insufficient Session Expiration

<2.9.3-r2
  • L
Arbitrary Code Injection

<2.9.3-r1
  • H
Arbitrary Code Injection

<2.9.3-r0
  • M
Cross-site Scripting (XSS)

<2.9.3-r0
  • H
Insufficient Verification of Data Authenticity

<2.9.2-r2
  • M
CVE-2024-37891

<2.9.2-r1
  • M
CVE-2024-25142

<2.9.2-r0
  • M
Race Condition

<2.9.2-r0
  • L
CVE-2024-35195

<2.9.1-r1