kages.
Full list of released PyPI packages:
https://pypi.org/project/apache-airflow-providers-common-sql/1.17.1/
https://pypi.org/project/apache-airflow-providers-openlineage/1.12.1/
Cheers,
Elad Kalif
oject/apache-airflow-providers-snowflake/5.7.1/
https://pypi.org/project/apache-airflow-providers-tableau/4.6.1/
Cheers,
Elad Kalif
s-ssh/3.13.1/
https://pypi.org/project/apache-airflow-providers-tabular/1.6.1/
Cheers,
Elad Kalif
iders-zendesk/4.8.0/
Cheers,
Elad Kalif
iders-sqlite/3.8.2/
https://pypi.org/project/apache-airflow-providers-ssh/3.12.0/
https://pypi.org/project/apache-airflow-providers-teradata/2.5.0/
https://pypi.org/project/apache-airflow-providers-ydb/1.2.0/
Cheers,
Elad Kalif
Full list of released PyPI packages:
https://pypi.org/project/apache-airflow-providers-fab/1.2.2/
Cheers,
Elad Kalif
Full list of released PyPI packages:
https://pypi.org/project/apache-airflow-providers-apache-spark/4.9.0/
Cheers,
Elad Kalif
kages.
Full list of released PyPI packages:
https://pypi.org/project/apache-airflow-providers-amazon/8.26.0/
https://pypi.org/project/apache-airflow-providers-weaviate/2.0.0/
Cheers,
Elad Kalif
s-ydb/1.1.0/
Cheers,
Elad Kalif
rflow-providers-vertica/3.8.2/
https://pypi.org/project/apache-airflow-providers-weaviate/1.4.2/
https://pypi.org/project/apache-airflow-providers-yandex/3.11.2/
https://pypi.org/project/apache-airflow-providers-ydb/1.0.0/
Cheers,
Elad Kalif
Full list of released PyPI packages:
https://pypi.org/project/apache-airflow-providers-amazon/8.24.0/
https://pypi.org/project/apache-airflow-providers-celery/3.7.2/
https://pypi.org/project/apache-airflow-providers-cncf-kubernetes/8.3.1/
Cheers,
Elad Kalif
Full list of released PyPI packages:
https://pypi.org/project/apache-airflow-providers-cncf-kubernetes/8.3.0/
https://pypi.org/project/apache-airflow-providers-teradata/2.2.0/
Cheers,
Elad Kalif
oject/apache-airflow-providers-yandex/3.11.1/
https://pypi.org/project/apache-airflow-providers-zendesk/4.7.1/
Cheers,
Elad Kalif
azure/10.1.0/
https://pypi.org/project/apache-airflow-providers-tabular/1.5.1/
Cheers,
Elad Kalif
5.7.0/
https://pypi.org/project/apache-airflow-providers-vertica/3.8.0/
https://pypi.org/project/apache-airflow-providers-weaviate/1.4.0/
https://pypi.org/project/apache-airflow-providers-yandex/3.11.0/
https://pypi.org/project/apache-airflow-providers-zendesk/4.7.0/
Cheers,
Elad Kalif
Full list of released PyPI packages:
https://pypi.org/project/apache-airflow-providers-cncf-kubernetes/8.1.1/
https://pypi.org/project/apache-airflow-providers-databricks/6.3.0/
https://pypi.org/project/apache-airflow-providers-fab/1.0.4/
Cheers,
Elad Kalif
Severity: low
Affected versions:
- Apache Airflow FTP Provider before 3.7.0
Description:
Improper Certificate Validation vulnerability in Apache Airflow FTP Provider.
The FTP hook lacks complete certificate validation in FTP_TLS connections,
which can potentially be leveraged. Implementing pr
Full list of released PyPI packages:
https://pypi.org/project/apache-airflow-providers-yandex/3.10.0/
Cheers,
Elad Kalif
oject/apache-airflow-providers-sftp/4.9.1/
https://pypi.org/project/apache-airflow-providers-slack/8.6.2/
https://pypi.org/project/apache-airflow-providers-snowflake/5.4.0/
https://pypi.org/project/apache-airflow-providers-weaviate/1.3.4/
Cheers,
Elad Kalif
i.org/project/apache-airflow-providers-trino/5.6.3/
https://pypi.org/project/apache-airflow-providers-weaviate/1.3.3/
Cheers,
Elad Kalif
kages.
Full list of released PyPI packages:
https://pypi.org/project/apache-airflow-providers-teradata/2.0.0/
Cheers,
Elad Kalif
Severity: low
Affected versions:
- Apache Airflow Mongo Provider 1.0.0 before 4.0.0
Description:
When ssl was enabled for Mongo Hook, default settings included "allow_insecure"
which caused that certificates were not validated. This was unexpected and
undocumented.
Users are recommended to up
kages.
Full list of released PyPI packages:
https://pypi.org/project/apache-airflow-providers-cncf-kubernetes/8.0.0/
Cheers,
Elad Kalif
kages.
Full list of released PyPI packages:
https://pypi.org/project/apache-airflow-providers-amazon/8.18.0/
https://pypi.org/project/apache-airflow-providers-common-sql/1.11.0/
Cheers,
Elad Kalif
i.org/project/apache-airflow-providers-weaviate/1.3.2/
https://pypi.org/project/apache-airflow-providers-yandex/3.9.0/
Cheers,
Elad Kalif
kages.
Full list of released PyPI packages:
https://pypi.org/project/apache-airflow-providers-microsoft-azure/9.0.0/
Cheers,
Elad Kalif
i.org/project/apache-airflow-providers-opsgenie/5.5.0/
https://pypi.org/project/apache-airflow-providers-pagerduty/3.6.0/
https://pypi.org/project/apache-airflow-providers-redis/3.6.0/
https://pypi.org/project/apache-airflow-providers-samba/4.5.0/
Cheers,
Elad Kalif
kages.
Cheers,
Elad Kalif
/docs/apache-airflow-providers/installing-from-sources
You can install the providers via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
from the PyPI packages.
Cheers,
Elad Kalif
e.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
e.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
Severity: moderate
Affected versions:
- Apache Airflow Celery provider 3.3.0 through 3.4.0
- Apache Airflow 1.10.0 before 2.7.0
Description:
Insertion of Sensitive Information into Log File vulnerability in Apache
Airflow Celery provider, Apache Airflow.
Sensitive information logged as clear
You can install the providers via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
lling-from-sources
You can install the providers via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
rflow-providers/installing-from-sources
You can install the providers via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
Severity: low
Affected versions:
- Apache Airflow HDFS Provider before 4.1.1
Description:
In the Apache Airflow HDFS Provider, versions prior to 4.1.1, a documentation
info pointed users to an install incorrect pip package. As this package name
was unclaimed, in theory, an attacker could clai
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
s via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
Severity: moderate
Affected versions:
- Apache Airflow Spark Provider before 4.1.3
Description:
Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted
Control Sphere vulnerability in Apache Software Foundation Apache Airflow Spark
Provider.
When the Apache Spark provide
Severity: moderate
Affected versions:
- Apache Airflow Sqoop Provider before 4.0.0
Description:
Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a
vulnerability that allows an attacker pass parameters with the connections,
which makes it possible to implement RCE attacks v
Severity: moderate
Affected versions:
- Apache Airflow Spark Provider before 4.1.3
Description:
Apache Airflow Spark Provider, versions before 4.1.3, is affected by a
vulnerability that allows an attacker to pass in malicious parameters when
establishing a connection giving an opportunity to
Also want to credit id_No2015429 of 3H Security Team for this report of the
same issue.
On 2023/08/11 04:57:45 Elad Kalif wrote:
> Severity: moderate
>
> Affected versions:
>
> - Apache Airflow Drill Provider before 2.4.3
>
> Description:
>
> Improper Input Validat
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
Severity: moderate
Affected versions:
- Apache Airflow Drill Provider before 2.4.3
Description:
Improper Input Validation vulnerability in Apache Software Foundation Apache
Airflow Drill Provider.
Apache Airflow Drill Provider is affected by a vulnerability that allows an
attacker to pass in
rflow-providers/installing-from-sources
You can install the providers via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
pache-airflow-providers/installing-from-sources
You can install the providers via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
iders/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
e.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
pache-airflow-providers/installing-from-sources
You can install the providers via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
Severity: moderate
Affected versions:
- Apache Airflow Apache Hive Provider before 6.1.2
Description:
Improper Input Validation vulnerability in Apache Software Foundation Apache
Airflow Apache Hive Provider.
Patching on top of CVE-2023-35797
Before 6.1.2 the proxy_user option can also inject
rflow-providers/installing-from-sources
You can install the providers via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
pache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
Severity: moderate
Affected versions:
- Apache Airflow Apache Hive Provider before 6.1.1
Description:
Improper Input Validation vulnerability in Apache Software Foundation Apache
Airflow Hive Provider.
This issue affects Apache Airflow Apache Hive Provider: before 6.1.1.
Before version 6.1.1
Severity: low
Affected versions:
- Apache Airflow ODBC Provider before 4.0.0
- Apache Airflow MSSQL Provider before 3.4.1
Description:
Input Validation vulnerability in Apache Software Foundation Apache Airflow
ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.This
vulne
Severity: low
Affected versions:
- Apache Airflow JDBC Provider before 4.0.0
Description:
Improper Input Validation vulnerability in Apache Software Foundation Apache
Airflow JDBC Provider.
Airflow JDBC Provider Connection’s [Connection URL] parameters had no
restrictions, which made it possib
Severity: moderate
Affected versions:
- Apache Airflow ODBC Provider before 4.0.0
Description:
Improper Neutralization of Argument Delimiters in a Command ('Argument
Injection') vulnerability in Apache Software Foundation Apache Airflow ODBC
Provider.
In OdbcHook, A privilege escalation vulne
/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
Severity: low
Affected versions:
- Apache Airflow 2.5.0 before 2.6.2
Description:
In Apache Airflow, some potentially sensitive values were being shown to the
user in certain situations.
This vulnerability is mitigated by the fact configuration is not shown in the
UI by default (only
notes here for more details:
https://airflow.apache.org/docs/apache-airflow/2.6.2/release_notes.html
Container images are published at:
https://hub.docker.com/r/apache/airflow/tags/?page=1&name=2.6.2
Cheers,
Elad Kalif
https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
Severity: low
Affected versions:
- Apache Airflow CNCF Kubernetes Provider 5.0.0 through 6.1.0
Description:
Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version
5.0.0 allows user to change xcom sidecar image and resources via Airflow
connection.
In order to exploit thi
/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
inked
from the PyPI packages.
Cheers,
Elad Kalif
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
pache-airflow-providers/installing-from-sources
You can install the providers via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
rflow-providers/installing-from-sources
You can install the providers via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
You can install the providers via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
rflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
iders/installing-from-sources
You can install the providers via PyPI:
https://airflow.apache.org/docs/apache-airflow-providers/installing-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and linked
from the PyPI packages.
Cheers,
Elad Kalif
-from-pypi
The documentation is available at https://airflow.apache.org/docs/ and
linked from the PyPI packages.
Cheers,
Elad Kalif
78 matches
Mail list logo