| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-25956 | Apache Airflow AWS Provider: Arbitrary file read via AWS provider | Apache Software Foundation | Apache Airflow AWS Provider | 高危 | - | 2023-02-24 11:48:33 | Deep Dive |
| CVE-2023-25696 | Apache Airflow Hive Provider Beeline RCE | Apache Software Foundation | Apache Airflow Hive Provider | 超危 | - | 2023-02-24 11:48:21 | Deep Dive |
| CVE-2023-25693 | Sqoop Apache Airflow Provider Remote Code Execution Vulnerability | Apache Software Foundation | Apache Airflow Sqoop Provider | 超危 | - | 2023-02-24 11:48:11 | Deep Dive |
| CVE-2023-25692 | Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of Service | Apache Software Foundation | Apache Airflow Google Provider | 高危 | - | 2023-02-24 11:48:00 | Deep Dive |
| CVE-2023-25691 | Apache Airflow Google Provider: Google Cloud Sql Provider Remote Command Execution | Apache Software Foundation | Apache Airflow Google Provider | 超危 | - | 2023-02-24 11:35:49 | Deep Dive |
| CVE-2023-22884 | Apache Airflow, Apache Airflow MySQL Provider: Arbitrary file read via MySQL provider in Apache Airflow | Apache Software Foundation | Apache Airflow | 超危 | - | 2023-01-21 13:02:49 | Deep Dive |
| CVE-2022-46421 | Apache Airflow Hive Provider: Hive Provider RCE vulnerability with hive_cli_params | Apache Software Foundation | Apache Airflow Hive Provider | 超危 | - | 2022-12-20 10:20:39 | Deep Dive |
| CVE-2022-38649 | Apache Airflow Pinot provider allowed Command Injection | Apache Software Foundation | Apache Airflow Pinot Provider | 超危 | - | 2022-11-22 00:00:00 | Deep Dive |
| CVE-2022-40189 | Apache Airlfow Pig Provider RCE | Apache Software Foundation | Apache Airlfow Pig Provider | 超危 | - | 2022-11-22 00:00:00 | Deep Dive |
| CVE-2022-40954 | Apache Airflow Spark Provider RCE that bypass restrictions to read arbitrary files | Apache Software Foundation | Apache Airflow Spark Provider | 中危 | - | 2022-11-22 00:00:00 | Deep Dive |
| CVE-2022-41131 | Apache Airflow Hive Provider vulnerability (command injection via hive_cli connection) | Apache Software Foundation | Apache Airflow Hive Provider | 高危 | - | 2022-11-22 00:00:00 | Deep Dive |
| CVE-2022-45402 | Apache Airflow: Open redirect during login | Apache Software Foundation | Apache Airflow | 中危 | - | 2022-11-15 00:00:00 | Deep Dive |
| CVE-2022-27949 | Apache Airflow prior to 2.3.1 may include sensitive values in rendered template | Apache Software Foundation | Apache Airflow | 高危 | - | 2022-11-14 00:00:00 | Deep Dive |
| CVE-2022-40127 | Apache Airflow <2.4.0 has an RCE in a bash example | Apache Software Foundation | Apache Airflow | 高危 | - | 2022-11-14 00:00:00 | Deep Dive |
| CVE-2022-43982 | Apache Airflow prior to 2.4.2 allows reflected XSS via Origin Query Argument in URL | Apache Software Foundation | Apache Airflow | 中危 | - | 2022-11-02 00:00:00 | Deep Dive |
| CVE-2022-43985 | Apache Airflow prior to 2.4.2 has an open redirect | Apache Software Foundation | Apache Airflow | 中危 | - | 2022-11-02 00:00:00 | Deep Dive |
| CVE-2022-41672 | Session still functional after user is deactivated | Apache Software Foundation | Apache Airflow | 高危 | - | 2022-10-07 00:00:00 | Deep Dive |
| CVE-2022-40754 | Open Redirect | Apache Software Foundation | Apache Airflow | 中危 | - | 2022-09-21 07:25:12 | Deep Dive |
| CVE-2022-40604 | Format String Vulnerability | Apache Software Foundation | Apache Airflow | 高危 | - | 2022-09-21 07:25:11 | Deep Dive |
| CVE-2022-38054 | Session Fixation | Apache Software Foundation | Apache Airflow | 超危 | - | 2022-09-02 07:10:21 | Deep Dive |