Search for packages
| purl | pkg:pypi/apache-airflow@3.1.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4fjp-pn9s-tyhz
Aliases: CVE-2025-68438 GHSA-3qmm-r55x-hpxx PYSEC-2026-9 |
In Apache Airflow versions before 3.1.6, when rendered template fields in a Dag exceed [core] max_templated_field_length, sensitive values could be exposed in cleartext in the Rendered Templates UI. This occurred because serialization of those fields used a secrets masker instance that did not include user-registered mask_secret() patterns, so secrets were not reliably masked before truncation and display. Users are recommended to upgrade to 3.1.6 or later, which fixes this issue |
Affected by 11 other vulnerabilities. |
|
VCID-9x6r-5m59-yyap
Aliases: CVE-2025-66236 PYSEC-2026-8 |
Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Some assumptions the Deployment Manager could make were not clear or explicit enough, even though Airflow's intentions and security model of Airflow did not suggest different assumptions. The overall security model [1], workload isolation [2], and JWT authentication details [3] are now described in more detail. Users concerned with role isolation and following the Airflow security model of Airflow are advised to upgrade to Airflow 3.2, where several security improvements have been implemented. They should also read and follow the relevant documents to make sure that their deployment is secure enough. It also clarifies that the Deployment Manager is ultimately responsible for securing your Airflow deployment. This had also been communicated via Airflow 3.2.0 Blog announcement [4]. [1] Security Model: https://airflow.apache.org/docs/apache-airflow/stable/security/jwt_token_authentication.html [2] Workload isolation: https://airflow.apache.org/docs/apache-airflow/stable/security/workload.html [3] JWT Token authentication: https://airflow.apache.org/docs/apache-airflow/stable/security/jwt_token_authentication.html [4] Airflow 3.2.0 Blog announcement: https://airflow.apache.org/blog/airflow-3.2.0/ Users are recommended to upgrade to version 3.2.0, which fixes this issue. |
Affected by 0 other vulnerabilities. |
|
VCID-bv7f-s53t-uqe4
Aliases: CVE-2026-34538 PYSEC-2026-21 |
Apache Airflow versions 3.0.0 through 3.1.8 DagRun wait endpoint returns XCom result values even to users who only have DAG Run read permissions, such as the Viewer role.This behavior conflicts with the FAB RBAC model, which treats XCom as a separate protected resource, and with the security model documentation that defines the Viewer role as read-only. Airflow uses the FAB Auth Manager to manage access control on a per-resource basis. The Viewer role is intended to be read-only by default, and the security model documentation defines Viewer users as those who can inspect DAGs without accessing sensitive execution results. Users are recommended to upgrade to Apache Airflow 3.2.0 which resolves this issue. |
Affected by 0 other vulnerabilities. |
|
VCID-g8pv-cam5-d7dj
Aliases: CVE-2026-28779 PYSEC-2026-16 |
Apache Airflow versions 3.1.0 through 3.1.7 session token (_token) in cookies is set to path=/ regardless of the configured [webserver] base_url or [api] base_url. This allows any application co-hosted under the same domain to capture valid Airflow session tokens from HTTP request headers, allowing full session takeover without attacking Airflow itself. Users are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue. |
Affected by 6 other vulnerabilities. |
|
VCID-j6uh-kx6m-sydp
Aliases: CVE-2026-25917 PYSEC-2026-13 |
Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, severity of this issue is Low. Users are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue. |
Affected by 0 other vulnerabilities. |
|
VCID-kmz1-dm9f-d7hj
Aliases: CVE-2026-30911 PYSEC-2026-17 |
Apache Airflow versions 3.1.0 through 3.1.7 missing authorization vulnerability in the Execution API's Human-in-the-Loop (HITL) endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance. Users are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue. |
Affected by 6 other vulnerabilities. |
|
VCID-m3ff-jty5-3uhw
Aliases: CVE-2026-26929 PYSEC-2026-14 |
Apache Airflow versions 3.0.0 through 3.1.7 FastAPI DagVersion listing API does not apply per-DAG authorization filtering when the request is made with dag_id set to "~" (wildcard for all DAGs). As a result, version metadata of DAGs that the requester is not authorized to access is returned. Users are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue. |
Affected by 6 other vulnerabilities. |
|
VCID-nrc9-bdc2-dfes
Aliases: CVE-2026-28563 PYSEC-2026-15 |
Apache Airflow versions 3.1.0 through 3.1.7 /ui/dependencies endpoint returns the full DAG dependency graph without filtering by authorized DAG IDs. This allows an authenticated user with only DAG Dependencies permission to enumerate DAGs they are not authorized to view. Users are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue. |
Affected by 6 other vulnerabilities. |
|
VCID-pvh4-3wng-ekdq
Aliases: CVE-2026-32690 PYSEC-2026-19 |
Secrets in Variables saved as JSON dictionaries were not properly redacted - in case thee variables were retrieved by the user the secrets stored as nested fields were not masked. If you do not store variables with sensitive values in JSON form, you are not affected. Otherwise please upgrade to Apache Airflow 3.2.0 that has the fix implemented |
Affected by 0 other vulnerabilities. |
|
VCID-tj2m-5j3f-5ueq
Aliases: CVE-2026-22922 GHSA-pm44-x5x7-24c4 PYSEC-2026-11 |
Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log access. Users are recommended to upgrade to Apache Airflow 3.1.7 or later, which resolves this issue. |
Affected by 9 other vulnerabilities. |
|
VCID-tpjn-4kru-vucv
Aliases: CVE-2026-30912 PYSEC-2026-18 |
In case of SQL errors, exception/stack trace of errors was exposed in API even if "api/expose_stack_traces" was set to false. That could lead to exposing additional information to potential attacker. Users are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue. |
Affected by 0 other vulnerabilities. |
|
VCID-vras-f42j-xqfg
Aliases: CVE-2025-68675 GHSA-7c2f-r6gc-h92h PYSEC-2026-10 |
In Apache Airflow versions before 3.1.6, and 2.11.1 the proxies and proxy fields within a Connection may include proxy URLs containing embedded authentication information. These fields were not treated as sensitive by default and therefore were not automatically masked in log output. As a result, when such connections are rendered or printed to logs, proxy credentials embedded in these fields could be exposed. Users are recommended to upgrade to 3.1.6 or later for Airflow 3, and 2.11.1 or later for Airflow 2 which fixes this issue |
Affected by 11 other vulnerabilities. |
|
VCID-vwv4-7y7y-9fcj
Aliases: CVE-2026-24098 GHSA-5g2w-9f8g-g5q7 PYSEC-2026-12 |
Apache Airflow versions 3.0.0 - 3.1.7, has vulnerability that allows authenticated UI users with permission to one or more specific Dags to view import errors generated by other Dags they did not have access to. Users are advised to upgrade to 3.1.7 or later, which resolves this issue |
Affected by 9 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-nrgz-jdnp-kyet | A vulnerability in Apache Airflow allowed authenticated UI users to view secret values in rendered templates due to secrets not being properly redacted, potentially exposing secrets to users without the appropriate authorization. Users are recommended to upgrade to version 3.1.4, which fixes this issue. |
CVE-2025-66388
GHSA-fv47-pqh6-wxgq PYSEC-2025-86 |