apache-airflow vulnerabilities

Programmatically author, schedule and monitor data pipelines

latest version

2.10.3
latest non vulnerable version

2.10.3
first published

8 years ago
latest version published

16 days ago
licenses detected
- Apache-2.0
  [0,)
View apache-airflow package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the apache-airflow package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Insertion of Sensitive Information into Log File	[,2.10.3rc1)
M Uninitialized Memory Exposure	[,2.10.3)
H Execution with Unnecessary Privileges	[,2.10.1)
H Improper Encoding or Escaping of Output	[,2.10.1)
M Cross-site Scripting (XSS)	[,2.10.0)
M Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')	[,2.9.3)
H Improper Control of Generation of Code ('Code Injection')	[2.4.0,2.9.3)
M Use of Web Browser Cache Containing Sensitive Information	[,2.9.2)
M Cross-site Scripting (XSS)	[2.9.0,2.9.1)
H Improper Certificate Validation	[,2.9.0b1)
M Information Exposure	[2.7.0,2.9.0)
H Arbitrary Code Execution	[,1.9.0)
M Improper Preservation of Permissions	[2.8.2,2.8.4)
M Incorrect Privilege Assignment	[2.8.0,2.8.3rc1)
M Incorrect Default Permissions	[,2.8.2rc1)
M Exposure of Resource to Wrong Sphere	[,2.8.2)
M Improper Authorization	[,2.6.3)
M Deserialization of Untrusted Data	[,2.8.1)
M Missing Authorization	[,2.8.1)
M Insertion of Sensitive Information into Log File	[2.3.0,2.6.1)
M Denial of Service (DoS)	[,2.6.3)
M Cross-site Request Forgery (CSRF)	[2.7.0,2.8.0)
M Improper Access Control	[,2.8.0b1)
M Cross-site Scripting (XSS)	[2.6.0,2.8.0b1)
M Improper Access Control	[,2.8.0b1)
M Incorrect Authorization	[,2.7.3)
M Improper Access Control	[,2.7.3)
M Information Exposure	[2.4.0,2.7.0b1)
M Information Exposure	[2.7.0,2.7.2)
M Improper Access Control	[,2.7.2)
M Improper Access Control	[,2.7.2)
M Information Exposure	[,2.7.2)
M Insecure Defaults	[,2.7.0)
M Incorrect Authorization	[,2.7.3)
M Information Exposure	[,2.7.1)
M Cross-site Scripting (XSS)	[,1.9.0)
H Denial of Service (DoS)	[,2.7.0)
M Improper Certificate Validation	[,2.7.0)
H Session Fixation	[,2.7.0)
H Execution with Unnecessary Privileges	[,2.6.0b1)
M Improper Input Validation	[,2.6.3)
M Incorrect Authorization	[,2.6.3)
M Directory Traversal	[,2.6.3)
M Information Exposure	[,2.6.3)
L Information Exposure	[2.5.0,2.6.2)
M Privilege Escalation	[,2.6.0)
M Cross-site Scripting (XSS)	[,2.6.0)
M Information Exposure	[,2.5.2)
C Command Injection	[,2.5.1)
M Open Redirect	[,2.4.3)
M Information Exposure	[,2.3.1)
M Command Injection	[,2.4.0)
M Open Redirect	[,2.4.2)
M Cross-site Scripting (XSS)	[,2.4.2)
M Access Restriction Bypass	[,2.4.1)
M Information Exposure	[2.3.0,2.3.4)
M Open Redirect	[2.3.0,2.4.0)
M Session Fixation	[2.2.4,2.3.4)
M Information Exposure	[,2.3.4)
M Cross-site Scripting (XSS)	[,2.2.4)
H Command Injection	[,2.2.4)
M Improper Access Control	[,2.2.0)
H Improper Authentication	[2.0.0,2.1.3)
M Information Exposure	[,2.1.2)
M Cross-site Scripting (XSS)	[,1.10.15) [2.0.0b1,2.0.2)
M Privilege Escalation	[,2.0.1)
M Improper Authentication	[2.0.0,2.0.1rc1)
M Improper Authentication	[,1.10.14)
M Server-Side Request Forgery (SSRF)	[,1.10.13)
H Credential Exposure	[,1.10.13)
M Cross-site Scripting (XSS)	[,2.0.2)
M Insecure Defaults	[,1.10.11)
H Cross-site Scripting (XSS)	[,1.10.12)
H Cross-site Scripting (XSS)	[0,1.10.11)
H Cross-site Scripting (XSS)	[0,1.10.11)
H Remote Code Execution (RCE)	[0,1.10.11)
H Insecure Default	[0,1.10.11)
H Command Injection	[0,1.10.11)
M Cross-site Scripting (XSS)	[,1.10.5)
H Arbitrary Code Execution	[,1.10.6)
M Information Exposure	[,1.10.5)
M Cross-site Request Forgery (CSRF)	[,1.10.3)
M Cross-site Scripting (XSS)	[,1.10.3)
M Cross-site Scripting (XSS)	[,1.10.2)
H Improper Certificate Validation	[,1.10.1)
M Information Exposure	[1.8.2,1.9.0)
M Cross-site Scripting (XSS)	[,1.9.0)
M Arbitrary Code Execution	[,1.9.0)
M Cross-site Scripting (XSS)	[1.6.0,1.9.0)
M Cross-site Request Forgery (CSRF)	[,1.9.0)

Package versions

1 - 100 of 208 Results

version	published	direct vulnerabilities
2.10.3	5 Nov, 2024	0 C 0 H 0 M 0 L
2.10.3rc2	1 Nov, 2024	0 C 0 H 1 M 0 L
2.10.3rc1	28 Oct, 2024	0 C 0 H 1 M 0 L
2.10.2	20 Sep, 2024	0 C 0 H 2 M 0 L
2.10.2rc1	17 Sep, 2024	0 C 0 H 2 M 0 L
2.10.1	6 Sep, 2024	0 C 0 H 2 M 0 L
2.10.1rc1	2 Sep, 2024	0 C 2 H 2 M 0 L
2.10.0	15 Aug, 2024	0 C 2 H 2 M 0 L
2.10.0rc1	12 Aug, 2024	0 C 2 H 3 M 0 L
2.10.0b2	1 Aug, 2024	0 C 2 H 3 M 0 L
2.10.0b1	25 Jul, 2024	0 C 2 H 3 M 0 L
2.9.3	16 Jul, 2024	0 C 2 H 3 M 0 L
2.9.3rc1	12 Jul, 2024	0 C 3 H 4 M 0 L
2.9.2	10 Jun, 2024	0 C 3 H 4 M 0 L
2.9.2rc1	6 Jun, 2024	0 C 3 H 5 M 0 L
2.9.1	6 May, 2024	0 C 3 H 5 M 0 L
2.9.1rc2	2 May, 2024	0 C 3 H 6 M 0 L
2.9.1rc1	30 Apr, 2024	0 C 3 H 6 M 0 L
2.9.0	8 Apr, 2024	0 C 3 H 6 M 0 L
2.9.0rc3	7 Apr, 2024	0 C 3 H 6 M 0 L
2.9.0rc2	4 Apr, 2024	0 C 3 H 6 M 0 L
2.9.0rc1	3 Apr, 2024	0 C 3 H 6 M 0 L
2.9.0b2	27 Mar, 2024	0 C 3 H 6 M 0 L
2.9.0b1	21 Mar, 2024	0 C 3 H 6 M 0 L
2.8.4	25 Mar, 2024	0 C 4 H 6 M 0 L
2.8.4rc1	20 Mar, 2024	0 C 4 H 7 M 0 L
2.8.3	11 Mar, 2024	0 C 4 H 7 M 0 L
2.8.3rc1	7 Mar, 2024	0 C 4 H 7 M 0 L
2.8.2	26 Feb, 2024	0 C 4 H 8 M 0 L
2.8.2rc3	24 Feb, 2024	0 C 4 H 8 M 0 L
2.8.2rc2	23 Feb, 2024	0 C 4 H 8 M 0 L
2.8.2rc1	22 Feb, 2024	0 C 4 H 8 M 0 L
2.8.1	19 Jan, 2024	0 C 4 H 9 M 0 L
2.8.1rc1	16 Jan, 2024	0 C 4 H 11 M 0 L
2.8.0	18 Dec, 2023	0 C 4 H 11 M 0 L
2.8.0rc4	16 Dec, 2023	0 C 4 H 11 M 0 L
2.8.0rc3	13 Dec, 2023	0 C 4 H 11 M 0 L
2.8.0rc2	13 Dec, 2023	0 C 4 H 11 M 0 L
2.8.0rc1	11 Dec, 2023	0 C 4 H 11 M 0 L
2.8.0b1	27 Nov, 2023	0 C 4 H 11 M 0 L
2.7.3	6 Nov, 2023	0 C 4 H 14 M 0 L
2.7.3rc1	2 Nov, 2023	0 C 4 H 17 M 0 L
2.7.2	12 Oct, 2023	0 C 4 H 17 M 0 L
2.7.2rc1	9 Oct, 2023	0 C 4 H 21 M 0 L
2.7.1	7 Sep, 2023	0 C 4 H 21 M 0 L
2.7.1rc2	4 Sep, 2023	0 C 4 H 22 M 0 L
2.7.1rc1	4 Sep, 2023	0 C 4 H 22 M 0 L
2.7.0	18 Aug, 2023	0 C 4 H 22 M 0 L
2.7.0rc2	16 Aug, 2023	0 C 6 H 21 M 0 L
2.7.0rc1	11 Aug, 2023	0 C 6 H 21 M 0 L
2.7.0b1	4 Aug, 2023	0 C 6 H 21 M 0 L
2.6.3	10 Jul, 2023	0 C 6 H 22 M 0 L
2.6.3rc1	7 Jul, 2023	0 C 6 H 28 M 0 L
2.6.2	17 Jun, 2023	0 C 6 H 28 M 0 L
2.6.2rc2	14 Jun, 2023	0 C 6 H 28 M 1 L
2.6.2rc1	13 Jun, 2023	0 C 6 H 28 M 1 L
2.6.1	16 May, 2023	0 C 6 H 28 M 1 L
2.6.1rc3	15 May, 2023	0 C 6 H 29 M 1 L
2.6.1rc2	12 May, 2023	0 C 6 H 29 M 1 L
2.6.1rc1	11 May, 2023	0 C 6 H 29 M 1 L
2.6.0	30 Apr, 2023	0 C 6 H 29 M 1 L
2.6.0rc5	29 Apr, 2023	0 C 6 H 30 M 1 L
2.6.0rc4	28 Apr, 2023	0 C 6 H 30 M 1 L
2.6.0rc3	27 Apr, 2023	0 C 6 H 30 M 1 L
2.6.0rc2	26 Apr, 2023	0 C 6 H 30 M 1 L
2.6.0rc1	24 Apr, 2023	0 C 6 H 30 M 1 L
2.6.0b1	14 Apr, 2023	0 C 6 H 30 M 1 L
2.5.3	31 Mar, 2023	0 C 7 H 30 M 1 L
2.5.3rc2	29 Mar, 2023	0 C 7 H 30 M 1 L
2.5.3rc1	27 Mar, 2023	0 C 7 H 30 M 1 L
2.5.2	14 Mar, 2023	0 C 7 H 30 M 1 L
2.5.2rc2	13 Mar, 2023	0 C 7 H 31 M 1 L
2.5.2rc1	10 Mar, 2023	0 C 7 H 31 M 1 L
2.5.1	20 Jan, 2023	0 C 7 H 31 M 1 L
2.5.1rc2	18 Jan, 2023	1 C 7 H 31 M 1 L
2.5.1rc1	14 Jan, 2023	1 C 7 H 31 M 1 L
2.5.0	2 Dec, 2022	1 C 7 H 31 M 1 L
2.5.0rc3	1 Dec, 2022	1 C 7 H 31 M 0 L
2.5.0rc2	27 Nov, 2022	1 C 7 H 31 M 0 L
2.5.0rc1	26 Nov, 2022	1 C 7 H 31 M 0 L
2.4.3	14 Nov, 2022	1 C 7 H 31 M 0 L
2.4.3rc1	11 Nov, 2022	1 C 7 H 32 M 0 L
2.4.2	24 Oct, 2022	1 C 7 H 32 M 0 L
2.4.2rc1	20 Oct, 2022	1 C 7 H 34 M 0 L
2.4.1	30 Sep, 2022	1 C 7 H 34 M 0 L
2.4.1rc1	27 Sep, 2022	1 C 7 H 35 M 0 L
2.4.0	19 Sep, 2022	1 C 7 H 35 M 0 L
2.4.0rc1	15 Sep, 2022	1 C 6 H 36 M 0 L
2.4.0b1	8 Sep, 2022	1 C 6 H 36 M 0 L
2.3.4	23 Aug, 2022	1 C 6 H 36 M 0 L
2.3.4rc1	20 Aug, 2022	1 C 6 H 39 M 0 L
2.3.3	9 Jul, 2022	1 C 6 H 39 M 0 L
2.3.3rc3	6 Jul, 2022	1 C 6 H 39 M 0 L
2.3.3rc2	6 Jul, 2022	1 C 6 H 39 M 0 L
2.3.3rc1	2 Jul, 2022	1 C 6 H 39 M 0 L
2.3.2	4 Jun, 2022	1 C 6 H 39 M 0 L
2.3.2rc2	1 Jun, 2022	1 C 6 H 39 M 0 L
2.3.2rc1	30 May, 2022	1 C 6 H 39 M 0 L
2.3.1	25 May, 2022	1 C 6 H 39 M 0 L
2.3.1rc1	21 May, 2022	1 C 6 H 40 M 0 L

See all versions

apache-airflow vulnerabilities

Programmatically author, schedule and monitor data pipelines

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Package versions