apache-airflow vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2025-54941Mediumapache-airflow: Apache Airflow has a command injection vulnerability in "example_dag_decorator"CVE-2025-54831Mediumapache-airflow: Apache Airflow: Connection sensitive details exposed to users with READ permissionsCVE-2024-50378Lowapache-airflow: Apache Airflow vulnerable to Insertion of Sensitive Information Into Sent DataCVE-2024-45034Highapache-airflow: Apache Airflow vulnerable to Execution with Unnecessary PrivilegesCVE-2024-45498Highapache-airflow: Apache Airflow vulnerable to Improper Encoding or Escaping of OutputCVE-2024-41937Mediumapache-airflow: Apache Airflow Cross-site Scripting VulnerabilityCVE-2024-39877Highapache-airflow: Apache Airflow has DAG Author Code Execution possibility in airflow-schedulerCVE-2024-39863Mediumapache-airflow: Apache Airflow Potential Cross-site Scripting VulnerabilityCVE-2024-25142Lowapache-airflow: Apache Airflow does not return the "Cache-Control" header for dynamic contentCVE-2024-32077Mediumapache-airflow: Apache Airflow: XSS vulnerability in Task Instance Log/Log DetailsCVE-2024-31869Mediumapache-airflow: Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config…CVE-2024-29735Mediumapache-airflow: Apache Airflow Improper Preservation of Permissions vulnerabilityCVE-2024-28746Mediumapache-airflow: Apache Airflow: Ignored Airflow PermissionCVE-2024-26280Mediumapache-airflow: Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers usersCVE-2024-27906Mediumapache-airflow: Apache Airflow: DAG Code and Import Error Permissions IgnoredCVE-2023-50944Highapache-airflow: Apache Airflow: Bypass permission verification to read code of other dagsCVE-2023-51702Mediumapache-airflow: Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved…CVE-2023-50943Highapache-airflow: Apache Airflow: pickle deserialization vulnerability in XComsCVE-2023-49920Mediumapache-airflow: Apache Airflow Cross-Site Request Forgery vulnerabilityCVE-2023-50783Mediumapache-airflow: Apache Airflow Improper Access Control vulnerabilityCVE-2023-48291Mediumapache-airflow: Apache Airflow vulnerable to Exposure of Resource to Wrong SphereCVE-2023-47265Mediumapache-airflow: Apache Airflow has a stored cross-site scripting vulnerabilityCVE-2023-42781Highapache-airflow: Apache Airflow vulnerable to Exposure of Sensitive Information to an Unauthorized ActorCVE-2023-47037Mediumapache-airflow: Apache Airflow allows authenticated and DAG-view authorized users to modify some DAG run detail…CVE-2023-46215Highapache-airflow-providers-celery: Apache Airflow Celery provider Insertion of Sensitive Information into Log File vulnerability

Stop the waste.
Protect your environment with Kodem.