pkg:PyPI/apache-airflow

213 total CVEs: CRITICAL 20, HIGH 60, MEDIUM 129, LOW 4


All known vulnerabilities

  • CRITICAL 9.8 | CVE-2020-13927 | ⚠ KEV | Authentication bypass in Apache Airflow
    from 0, < 1.10.11
  • HIGH 8.8 | CVE-2020-11978 | ⚠ KEV | Remote code execution (RCE) in Apache Airflow
    from 0, < 1.10.11rc1
  • CRITICAL 9.8 | CVE-2025-67895 | Apache Airflow Providers Edge3 exposes internal API allowing RCE in web server context
    from 0, < 2.0.0
  • CRITICAL 9.8 | CVE-2023-25754 | Apache Airflow: Privilege escalation using airflow logs
    from 0, < 2.6.0
  • CRITICAL 9.8 | CVE-2023-25754 | Apache Airflow: Privilege escalation using airflow logs
    from 0, < 2.6.0b1
  • CRITICAL 9.8 | CVE-2023-25693 | Apache Airflow Sqoop Provider Improper Input Validation vulnerability
    from 0, < 3.1.1
  • CRITICAL 9.8 | CVE-2023-22884 | Apache Airflow, Apache Airflow MySQL Provider: Arbitrary file read via MySQL provider in Apache Airflow
    from 0, < 2.5.1
  • CRITICAL 9.8 | CVE-2022-40189 | Apache Airflow Pig Provider RCE
    from 0, < 2.3.0
  • CRITICAL 9.8 | CVE-2022-38649 | Apache Airflow Pinot provider allowed Command Injection
    from 0, < 2.3.0
  • CRITICAL 9.8 | CVE-2022-38054 | Session Fixation
    >= 2.2.4, < 2.3.4rc1
  • CRITICAL 9.8 | CVE-2021-38540 | Apache Airflow: Variable Import endpoint missed authentication check
    >= 2.0.0, < 2.1.3
  • CRITICAL 9.8 | CVE-2020-11982 | Insecure default config of Celery worker in Apache Airflow
    from 0, < 1.10.11
  • CRITICAL 9.8 | CVE-2020-11982 | Insecure default config of Celery worker in Apache Airflow
    from 0, < 1.10.11rc1
  • CRITICAL 9.8 | CVE-2020-11981 | Command injection via Celery broker in Apache Airflow
    from 0, < 1.10.11rc1
  • CRITICAL 9.8 | CVE-2017-17836 | Apache Airflow vulnerable to XSS
    from 0, < 1.9.0
  • CRITICAL 9.1 | CVE-2025-57735 | Apache Airflow: JWT token still valid after logout
    >= 3.0.0, < 3.2.0
  • HIGH 8.8 | CVE-2026-33858 | Apache Airflow: Unsafe Deserialization via Legacy Serialization Keys (__type/__var) Bypass in XCom API
    >= 3.1.8, < 3.2.0
  • HIGH 8.8 | CVE-2024-45034 | Apache Airflow vulnerable to Execution with Unnecessary Privileges
    from 0, < 2.10.1
  • HIGH 8.8 | CVE-2024-45498 | Apache Airflow: Command Injection in an example DAG
    >= 2.10.0, < 2.10.1
  • HIGH 8.8 | CVE-2024-45498 | Apache Airflow: Command Injection in an example DAG
    from 0, <= 2.10.0-NA
  • HIGH 8.8 | CVE-2024-39877 | Apache Airflow has DAG Author Code Execution possibility in airflow-scheduler
    >= 2.4.0, < 2.9.3
  • HIGH 8.8 | CVE-2023-39508 | Apache Airflow: Airflow "Run task" feature allows execution with unnecessary privileges
    from 0, < 2.6.0
  • HIGH 8.8 | CVE-2023-39508 | Apache Airflow: Airflow "Run task" feature allows execution with unnecessary privileges
    from 0, < 2.6.0b1
  • HIGH 8.8 | CVE-2022-40127 | Apache Airflow <2.4.0 has an RCE in a bash example
    from 0, < 2.4.0
  • HIGH 8.8 | CVE-2022-24288 | Apache Airflow: RCE in example DAGs
    from 0, < 2.2.4
  • HIGH 8.8 | CVE-2019-0229 | Apache Airflow vulnerable to CSRF Attacks
    from 0, < 1.10.3b1
  • HIGH 8.8 | CVE-2019-0229 | Apache Airflow vulnerable to CSRF Attacks
    from 0, < 1.10.3
  • HIGH 8.8 | CVE-2017-17835 | Cross-Site Request Forgery (CSRF) in Apache Airflow
    from 0, < 1.9.0
  • HIGH 8.8 | CVE-2017-15720 | Improper Input Validation in Apache Airflow resulting in Remote Code Execution
    from 0, < 1.9.0
  • HIGH 8.4 | CVE-2024-56373 | Apache Airflow vulnerable to Code Injection in the web-server context via LogTemplate table
    from 0, < 2.11.1
  • HIGH 8.1 | CVE-2025-54550 | Apache Airflow: RCE by race condition in example_xcom dag
    from 0, < 3.2.0
  • HIGH 8.1 | CVE-2026-30911 | Apache Airflow: Execution API HITL Endpoints Missing Per-Task Authorization
    >= 3.0.0, < 3.1.8
  • HIGH 8.1 | CVE-2026-30911 | Apache Airflow: Execution API HITL Endpoints Missing Per-Task Authorization
    >= 3.1.0, < 3.1.8
  • HIGH 8.1 | CVE-2024-28746 | Apache Airflow: Ignored Airflow Permissions
    >= 2.8.0, < 2.8.3rc1
  • HIGH 8.1 | CVE-2023-37379 | Apache Airflow: Exposure of sensitive connection information, DOS and SSRF on "test connection" feature
    from 0, < 2.7.0
  • HIGH 8.1 | CVE-2023-37379 | Apache Airflow: Exposure of sensitive connection information, DOS and SSRF on "test connection" feature
    from 0, < 2.7.0b1
  • HIGH 8.1 | CVE-2022-41672 | Session still functional after user is deactivated
    from 0, < 2.4.2rc1
  • HIGH 8.1 | CVE-2022-41672 | Session still functional after user is deactivated
    from 0, < 2.4.1rc1
  • HIGH 8.0 | CVE-2023-40273 | Session fixation in Apache Airflow web interface
    from 0, < 2.7.0rc2
  • HIGH 8.0 | CVE-2023-40273 | Session fixation in Apache Airflow web interface
    from 0, < 2.7.1rc1
  • HIGH 7.7 | CVE-2020-17526 | Incorrect Session Validation in Apache Airflow
    from 0, < 1.10.14
  • HIGH 7.5 | CVE-2026-31987 | Apache Airflow: JWT token appearing in logs
    >= 3.0.0, < 3.2.0
  • HIGH 7.5 | CVE-2025-66236 | Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI
    >= 3.0.0, < 3.2.0
  • HIGH 7.5 | CVE-2025-66236 | Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI
    from 0, < 3.2.0
  • HIGH 7.5 | CVE-2026-28779 | Apache Airflow: Path of session token in cookie does not consider base_url - session hijacking via co-hosted applications
    >= 3.0.0, < 3.1.8
  • HIGH 7.5 | CVE-2026-26929 | Apache Airflow: Wildcard DagVersion Listing Bypasses Per-DAG RBAC and Leaks Metadata
    >= 3.0.0, < 3.1.8
  • HIGH 7.5 | CVE-2025-68438 | Apache Airflow: Secrets in rendered templates could contain parts of sensitive values when truncated
    >= 3.1.0, < 3.1.6
  • HIGH 7.5 | CVE-2025-68675 | Apache Airflow: proxy credentials for various providers might leak in task logs
    >= 3.0.0b1, < 3.1.6
  • HIGH 7.5 | CVE-2025-68675 | Apache Airflow: proxy credentials for various providers might leak in task logs
    from 0, < 3.1.6
  • HIGH 7.5 | CVE-2024-45784 | Apache Airflow: Sensitive configuration values are not masked in the logs by default
    from 0, < 2.10.3
  • HIGH 7.5 | CVE-2023-50943 | Apache Airflow: Potential pickle deserialization vulnerability in XComs
    from 0, < 2.8.1rc1
  • HIGH 7.5 | CVE-2023-50943 | Apache Airflow: Potential pickle deserialization vulnerability in XComs
    from 0, < 2.8.1
  • HIGH 7.5 | CVE-2023-46215 | Apache Airflow Celery provider, Apache Airflow: Sensitive information logged as clear text when rediss, amqp, rpc protocols are used as Celery result backend
    >= 1.10.0, < 2.7.0
  • HIGH 7.5 | CVE-2023-39553 | apache-airflow-providers-apache-drill Improper Input Validation vulnerability
    from 0, < 2.4.3
  • HIGH 7.5 | CVE-2023-28707 | Apache Airflow Drill Provider vulnerable to improper input validation
    from 0, < 2.3.2
  • HIGH 7.5 | CVE-2022-27949 | Apache Airflow prior to 2.3.1 may include sensitive values in rendered template
    from 0, < 2.3.1
  • HIGH 7.5 | CVE-2022-40604 | Format String Vulnerability
    >= 2.3.0, < 2.4.0rc1
  • HIGH 7.5 | CVE-2022-40604 | Format String Vulnerability
    >= 2.3.0, < 2.4.0b1
  • HIGH 7.5 | CVE-2018-20245 | Improper Certificate Validation in Apache Airflow
    from 0, < 1.10.1
  • HIGH 7.2 | CVE-2026-25917 | Apache Airflow: API extra-links triggers XCom deserialization/class instantiation (Airflow 3.1.5)
    from 0, < 3.2.0
  • MEDIUM 6.5 | CVE-2026-42360 | A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking (e.g.
    from 0, < 3.2.2
  • MEDIUM 6.5 | CVE-2026-45192 | A bug in the GET `/api/v2/connections/{connection_id}` REST API endpoint in Apache Airflow allowed an authenticated UI/API user with Connec…
    from 0, < 3.2.2
  • MEDIUM 6.5 | CVE-2026-25219 | Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access
    from 0, < 3.1.8
  • MEDIUM 6.5 | CVE-2026-34538 | Apache Airflow: Authorization bypass in DagRun wait endpoint (XCom exposure)
    >= 3.0.0, < 3.2.0
  • MEDIUM 6.5 | CVE-2025-27555 | Apache Airflow exposes sensitive information in its log files
    from 0, < 2.11.1
  • MEDIUM 6.5 | CVE-2025-65995 | Apache Airflow error reporting may expose full kwargs
    from 0, < 2.11.1
  • MEDIUM 6.5 | CVE-2026-22922 | Apache Airflow: Airflow externalLogUrl Permission Bypass
    >= 3.1.0, < 3.1.7
  • MEDIUM 6.5 | CVE-2026-24098 | Apache Airflow: Assigning single DAG permission leaked all DAGs Import Errors
    >= 3.0.0, < 3.1.7
  • MEDIUM 6.5 | CVE-2026-24098 | Apache Airflow: Assigning single DAG permission leaked all DAGs Import Errors
    from 0, < 3.1.7
  • MEDIUM 6.5 | CVE-2025-66388 | Apache Airflow: Secrets in rendered templates not redacted properly and exposed in the UI
    >= 3.1.0, < 3.1.4
  • MEDIUM 6.5 | CVE-2025-66388 | Apache Airflow: Secrets in rendered templates not redacted properly and exposed in the UI
    >= 3.1.0, < 3.1.5
  • MEDIUM 6.5 | CVE-2025-54831 | Apache Airflow: Connection sensitive details exposed to users with READ permissions
    from 0, <= 3.0.3-NA
  • MEDIUM 6.5 | CVE-2025-54831 | Apache Airflow: Connection sensitive details exposed to users with READ permissions
    >= 3.0.3, < 3.0.4
  • MEDIUM 6.5 | CVE-2024-50378 | Apache Airflow vulnerable to Insertion of Sensitive Information Into Sent Data
    from 0, < 2.10.3
  • MEDIUM 6.5 | CVE-2023-50944 | Apache Airflow: Bypass permission verification to read code of other dags
    from 0, < 2.8.1rc1
  • MEDIUM 6.5 | CVE-2023-50944 | Apache Airflow: Bypass permission verification to read code of other dags
    from 0, < 2.8.1
  • MEDIUM 6.5 | CVE-2023-51702 | Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service
    >= 2.3.0, < 2.6.1
  • MEDIUM 6.5 | CVE-2023-50783 | Apache Airflow: Improper access control vulnerability on the "varimport" endpoint
    from 0, < 2.8.0
  • MEDIUM 6.5 | CVE-2023-49920 | Apache Airflow: Missing CSRF protection on DAG/trigger
    >= 2.7.0, < 2.8.0
  • MEDIUM 6.5 | CVE-2023-49920 | Apache Airflow: Missing CSRF protection on DAG/trigger
    >= 2.7.0, < 2.8.0b1
  • MEDIUM 6.5 | CVE-2023-42781 | Apache Airflow: Permission verification bypass allows viewing dagruns of other dags
    from 0, < 2.7.3
  • MEDIUM 6.5 | CVE-2023-42780 | Apache Airflow: Improper access control vulnerability in the "List dag warnings" feature
    from 0, < 2.7.2
  • MEDIUM 6.5 | CVE-2023-42792 | Apache Airflow: Improper access control to DAG resources
    from 0, < 2.7.2
  • MEDIUM 6.5 | CVE-2023-42663 | Apache Airflow: Bypass permission verification to view task instances of other dags
    from 0, < 2.7.2
  • MEDIUM 6.5 | CVE-2023-40712 | Apache Airflow: Secrets can be unmasked in the "Rendered Template"
    from 0, < 2.7.1
  • MEDIUM 6.5 | CVE-2023-36543 | Apache Airflow: ReDoS via dags function
    from 0, < 2.6.3
  • MEDIUM 6.5 | CVE-2023-22887 | Apache Airflow path traversal by authenticated user
    from 0, < 2.6.3
  • MEDIUM 6.5 | CVE-2023-22888 | Apache Airflow: Scheduler remote DoS
    from 0, < 2.6.3
  • MEDIUM 6.5 | CVE-2023-35908 | Apache Airflow: Access to DAGs without relevant permission
    from 0, < 2.6.3
  • MEDIUM 6.5 | CVE-2022-46651 | Apache Airflow: Security vulnerability on AirFlow Connections
    from 0, < 2.6.3
  • MEDIUM 6.5 | CVE-2023-35005 | Apache Airflow: Information disclosure on configuration view
    >= 2.5.0, < 2.6.2
  • MEDIUM 6.5 | CVE-2023-35005 | Apache Airflow: Information disclosure on configuration view
    >= 2.5.0, < 2.6.2rc1
  • MEDIUM 6.5 | CVE-2021-45230 | Apache Airflow: Creating DagRuns didn't respect Dag-level permissions in the Webserver
    from 0, < 2.2.0
  • MEDIUM 6.5 | CVE-2021-45230 | Apache Airflow: Creating DagRuns didn't respect Dag-level permissions in the Webserver
    >= 1.10.0, < 2.0.0b1, >= 2.0.0, < 2.2.0
  • MEDIUM 6.5 | CVE-2021-26559 | CWE-284 Improper Access Control on Configurations Endpoint for the Stable API
    from 0, < 2.0.1
  • MEDIUM 6.5 | CVE-2021-26559 | CWE-284 Improper Access Control on Configurations Endpoint for the Stable API
    >= 2.0.0, < 2.0.1rc1
  • MEDIUM 6.1 | CVE-2024-41937 | Apache Airflow Cross-site Scripting Vulnerability
    from 0, < 2.10.0
  • MEDIUM 6.1 | CVE-2022-45402 | Apache Airflow: Open redirect during login
    from 0, < 2.4.3
  • MEDIUM 6.1 | CVE-2022-43982 | Apache Airflow prior to 2.4.2 allows reflected XSS via Origin Query Argument in URL
    from 0, < 2.4.2
  • MEDIUM 6.1 | CVE-2022-43982 | Apache Airflow prior to 2.4.2 allows reflected XSS via Origin Query Argument in URL
    from 0, < 2.4.2rc1
  • MEDIUM 6.1 | CVE-2022-43985 | Apache Airflow prior to 2.4.2 has an open redirect
    from 0, < 2.4.2rc1
  • MEDIUM 6.1 | CVE-2022-43985 | Apache Airflow prior to 2.4.2 has an open redirect
    from 0, < 2.4.2
  • MEDIUM 6.1 | CVE-2022-40754 | Open Redirect
    >= 2.3.0, < 2.4.0rc1
  • MEDIUM 6.1 | CVE-2022-40754 | Open Redirect
    >= 2.3.0, < 2.4.0b1
  • MEDIUM 6.1 | CVE-2017-12614 | Apache Airflow Reflected Cross-site Scripting vulnerability in 404 Endpoint
    from 0, < 1.9.0
  • MEDIUM 6.1 | CVE-2021-45229 | Apache Airflow: Reflected XSS via Origin Query Argument in URL
    from 0, < 2.2.4rc1
  • MEDIUM 6.1 | CVE-2021-28359 | Apache Airflow Reflected XSS via Origin Query Argument in URL
    >= 1.8.1, < 1.10.15, >= 2.0.0, < 2.0.2
  • MEDIUM 6.1 | CVE-2021-28359 | Apache Airflow Reflected XSS via Origin Query Argument in URL
    from 0, < 1.10.15
  • MEDIUM 6.1 | CVE-2020-13944 | Apache Airflow Cross-site Scripting
    from 0, < 1.10.12
  • MEDIUM 6.1 | CVE-2020-17515 | Apache Airflow cross-site scripting due to incomplete fix for CVE-2020-13944
    from 0, < 1.10.15rc1
  • MEDIUM 6.1 | CVE-2020-17515 | Apache Airflow cross-site scripting due to incomplete fix for CVE-2020-13944
    from 0, < 1.10.13
  • MEDIUM 6.1 | CVE-2020-9485 | Stored XSS in Apache Airflow
    from 0, < 1.10.11
  • MEDIUM 6.1 | CVE-2020-9485 | Stored XSS in Apache Airflow
    from 0, < 1.10.11rc1
  • MEDIUM 5.9 | CVE-2026-41017 | Apache Airflow's `JWTRefreshMiddleware` set the JWT auth cookie without the `Secure` flag, so deployments running the Airflow API server be…
    >= 3.0.0, < 3.2.2
  • MEDIUM 5.9 | CVE-2024-27906 | Apache Airflow: Dag Code and Import Error Permissions Ignored
    from 0, < 2.8.2
  • MEDIUM 5.9 | CVE-2023-39441 | Apache Airflow SMTP Provider, Apache Airflow IMAP Provider, Apache Airflow: SMTP/IMAP client components allowed MITM due to missing Certificate Validation
    from 0, < 2.7.0
  • MEDIUM 5.5 | CVE-2024-25142 | Apache Airflow does not return the "Cache-Control" header for dynamic content
    from 0, < 2.9.2
  • MEDIUM 5.5 | CVE-2022-40954 | Apache Airflow Spark Provider RCE that bypasses restrictions to read arbitrary files
    from 0, < 2.3.0
  • MEDIUM 5.5 | CVE-2018-20244 | Apache Airflow vulnerable to Stored XSS
    from 0, < 1.10.2
  • MEDIUM 5.4 | CVE-2025-62402 | Apache Airflow: Airflow 3 API: /api/v2/dagReports executes DAG Python in API
    >= 3.0.0, < 3.1.1
  • MEDIUM 5.4 | CVE-2024-39863 | Apache Airflow Potential Cross-site Scripting Vulnerability
    from 0, < 2.9.3
  • MEDIUM 5.4 | CVE-2024-32077 | Apache Airflow: XSS vulnerability in Task Instance Log/Log Details
    >= 2.9.0, < 2.9.1
  • MEDIUM 5.4 | CVE-2024-32077 | Apache Airflow: XSS vulnerability in Task Instance Log/Log Details
    from 0, <= 2.9.0-NA, <= 2.9.0-beta1, <= 2.9.0-beta2, <= 2.9.0-rc1, <= 2.9.0-rc2, <= 2.9.0-rc3
  • MEDIUM 5.4 | CVE-2023-47265 | Apache Airflow: DAG Params allow to embed unchecked Javascript
    >= 2.6.0, < 2.8.0b1
  • MEDIUM 5.4 | CVE-2023-29247 | Stored XSS on Apache Airflow
    from 0, < 2.6.0
  • MEDIUM 5.4 | CVE-2020-11983 | Multiple stored XSS in RBAC Admin screens in Apache Airflow
    from 0, < 1.10.11rc1
  • MEDIUM 5.4 | CVE-2020-11983 | Multiple stored XSS in RBAC Admin screens in Apache Airflow
    from 0, < 1.10.11
  • MEDIUM 5.3 | CVE-2026-30912 | Apache Airflow: Exposing stack trace in case of constraint error
    from 0, < 3.2.0
  • MEDIUM 5.3 | CVE-2024-29735 | Apache Airflow: Potentially harmful permission changing by log task handler
    >= 2.8.2, < 2.8.4
  • MEDIUM 5.3 | CVE-2023-25695 | Information disclosure in Apache Airflow
    from 0, < 2.5.2rc1
  • MEDIUM 5.3 | CVE-2023-25695 | Information disclosure in Apache Airflow
    from 0, < 2.5.2
  • MEDIUM 5.3 | CVE-2021-35936 | No Authentication on Logging Server
    from 0, < 2.1.2
  • MEDIUM 5.3 | CVE-2021-26697 | Apache Airflow: Lineage API endpoint for Experimental API missed authentication check
    from 0, < 2.0.1
  • MEDIUM 5.3 | CVE-2021-26697 | Apache Airflow: Lineage API endpoint for Experimental API missed authentication check
    >= 2.0.0, < 2.0.1rc1
  • MEDIUM 5.3 | CVE-2020-17513 | SSRF vulnerability in Apache Airflow
    from 0, < 1.10.13
  • MEDIUM 4.8 | CVE-2026-32794 | Apache Airflow Provider for Databricks: TLS Certificate Verification is Disabled in Databricks Provider K8s Token Exchange
    >= 1.10.0, < 1.12.0
  • MEDIUM 4.8 | CVE-2019-12398 | XSS in Apache Airflow
    from 0, < 1.10.5
  • MEDIUM 4.8 | CVE-2019-12417 | Apache Airflow vulnerable to XSS and local file disclosure
    from 0, < 1.10.6rc1
  • MEDIUM 4.8 | CVE-2019-0216 | Apache Airflow vulnerable to Stored XSS
    from 0, < 1.10.3
  • MEDIUM 4.8 | CVE-2019-0216 | Apache Airflow vulnerable to Stored XSS
    from 0, < 1.10.3b1
  • MEDIUM 4.7 | CVE-2024-26280 | Apache Airflow: Overly broad default permissions for Viewer/Ops (audit logs)
    from 0, < 2.8.2
  • MEDIUM 4.7 | CVE-2022-38170 | Overly permissive umask for daemons
    from 0, < 2.3.4
  • MEDIUM 4.6 | CVE-2025-54941 | Apache Airflow: Command injection in "example_dag_decorator"
    >= 3.0.0, < 3.0.5
  • MEDIUM 4.6 | CVE-2025-62503 | Apache Airflow: Privilege boundary bypass in bulk APIs (create action can upsert existing Pools/Connections/Variables)
    >= 3.0.0, < 3.1.1
  • MEDIUM 4.3 | CVE-2026-38743 | Apache Airflow: Dags endpoint might provide access to otherwise inaccessible entities
    from 0, < 3.2.1rc1
  • MEDIUM 4.3 | CVE-2026-40690 | Apache Airflow: Assets graph view bypasses DAG level access control displaying unrelated topologies and all DAGs names to unauthorized users
    from 0, < 3.2.1rc1
  • MEDIUM 4.3 | CVE-2026-28563 | Apache Airflow: DAG authorization bypass
    >= 3.0.0, < 3.1.8
  • MEDIUM 4.3 | CVE-2024-31869 | Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used
    >= 2.7.0, < 2.9.0
  • MEDIUM 4.3 | CVE-2023-48291 | Apache Airflow: Improper access control to DAG resources
    from 0, < 2.8.0
  • MEDIUM 4.3 | CVE-2023-47037 | Apache Airflow missing fix for CVE-2023-40611 in 2.7.1 (DAG run broken access)
    from 0, < 2.7.3
  • MEDIUM 4.3 | CVE-2023-46288 | Apache Airflow: Sensitive parameters exposed in API when "non-sensitive-only" configuration is set
    >= 2.4.0, < 2.7.2
  • MEDIUM 4.3 | CVE-2023-46288 | Apache Airflow: Sensitive parameters exposed in API when "non-sensitive-only" configuration is set
    >= 2.4.0, < 2.7.0
  • MEDIUM 4.3 | CVE-2023-45348 | Apache Airflow: Configuration information leakage vulnerability
    >= 2.7.0, < 2.7.2
  • MEDIUM 4.3 | CVE-2023-40611 | Apache Airflow Dag Runs Broken Access Control Vulnerability
    from 0, < 2.7.1
  • MEDIUM 4.2 | CVE-2024-42447 | Apache Airflow Providers FAB Insufficient Session Expiration vulnerability
    from 0, <= 1.2.1, <= 1.2.0
  • LOW 3.7 | CVE-2026-32690 | Apache Airflow: 3.x - Nested Variable Secret Values Bypass Redaction via max_depth=1
    >= 3.0.0, < 3.2.0
  • LOW 3.1 | CVE-2026-45426 | Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid Log-server JWT issued for at least one Dag.
    >= 3.0.0, < 3.2.2
  • LOW 2.8 | CVE-2020-17511 | Apache Airflow logs passwords in plaintext
    from 0, < 1.10.13