Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

27 advisories

Loading
Apache Airflow missing Certificate Validation Moderate
CVE-2023-39441 was published for apache-airflow (pip) Aug 23, 2023
sunSUNQ
Apache Airflow vulnerable to sensitive information exposure when expose-config is set to non-sensitive-only Moderate
CVE-2023-45348 was published for apache-airflow (pip) Oct 14, 2023
sunSUNQ
Apache Airflow Contains Open Redirect Moderate
CVE-2022-45402 was published for apache-airflow (pip) Nov 15, 2022
sunSUNQ
Apache Airflow vulnerable to sensitive information exposure when users list warnings for all DAGs Moderate
CVE-2023-42780 was published for apache-airflow (pip) Oct 14, 2023
sunSUNQ
Apache Airflow vulnerable to Stored XSS Moderate
CVE-2018-20244 was published for apache-airflow (pip) Mar 6, 2019
sunSUNQ
Apache Airflow cross-site scripting due to incomplete fix for CVE-2020-13944 Moderate
CVE-2020-17515 was published for apache-airflow (pip) Apr 20, 2021
sunSUNQ
Apache Airflow vulnerable to XSS and local file disclosure Moderate
CVE-2019-12417 was published for airflow (pip) Nov 22, 2019
sunSUNQ
Missing Authorization in Apache Airflow Moderate
CVE-2021-35936 was published for apache-airflow (pip) Aug 30, 2021
sunSUNQ
Apache Airflow exposes arbitrary file content Moderate
CVE-2022-38170 was published for apache-airflow (pip) Sep 3, 2022
sunSUNQ
SSRF vulnerability in Apache Airflow Moderate
CVE-2020-17513 was published for apache-airflow (pip) Dec 17, 2020
sunSUNQ
Apache Airflow vulnerable to Stored XSS Moderate
CVE-2019-0216 was published for apache-airflow (pip) Apr 12, 2019
sunSUNQ
Cross-site Scripting in Apache Airflow Moderate
CVE-2021-28359 was published for apache-airflow (pip) Jun 18, 2021
sunSUNQ
Apache Airflow Incorrect Authorization vulnerability Moderate
CVE-2023-40611 was published for apache-airflow (pip) Sep 12, 2023
sunSUNQ
Apache Airflow Cross-site Scripting Vulnerability Moderate
CVE-2021-45229 was published for apache-airflow (pip) Feb 26, 2022
sunSUNQ
Improper Authentication in Apache Airflow Moderate
CVE-2021-26697 was published for apache-airflow (pip) Jun 18, 2021
sunSUNQ
Cross-site scripting in django Moderate
CVE-2011-0697 was published for Django (pip) Jul 23, 2018
sunSUNQ
Django settings leak in date template filter Moderate
CVE-2015-8213 was published for Django (pip) May 17, 2022
sunSUNQ
Django open redirect and possible XSS attack via user-supplied numeric redirect URLs Moderate
CVE-2017-7233 was published for Django (pip) Jan 4, 2019
sunSUNQ
Django allows unprivileged users to read the password hashes of arbitrary accounts Moderate
CVE-2018-16984 was published for django (pip) Oct 3, 2018
sunSUNQ
Django Cross-site Scripting in AdminURLFieldWidget Moderate
CVE-2019-12308 was published for Django (pip) Jun 10, 2019
sunSUNQ
Pillow Out-of-bounds Read Moderate
CVE-2020-35655 was published for pillow (pip) Mar 18, 2021
sunSUNQ
Regular Expression Denial of Service (ReDoS) in Pillow Moderate
CVE-2021-25292 was published for Pillow (pip) Mar 29, 2021
sunSUNQ
Improper Initialization in Pillow Moderate
CVE-2022-22815 was published for Pillow (pip) Jan 12, 2022
sunSUNQ
Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers users Moderate
CVE-2024-26280 was published for apache-airflow (pip) Mar 1, 2024
oscerd sunSUNQ
ProTip! Advisories are also available from the GraphQL API