CVE-2026-27173
- EPSS 0.16%
- Veröffentlicht 19.05.2026 19:19:00
- Zuletzt bearbeitet 02.07.2026 16:37:59
JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This could allow users with just read-only access to perform actions that were only available to running tasks via Ta...
CVE-2023-51702
- EPSS 0.38%
- Veröffentlicht 24.01.2024 13:15:08
- Zuletzt bearbeitet 02.07.2026 17:01:47
Since version 5.2.0, when using deferrable mode with the path of a Kubernetes configuration file for authentication, the Airflow worker serializes this configuration file as a dictionary and sends it to the triggerer by storing it in metadata without...
CVE-2023-33234
- EPSS 1.53%
- Veröffentlicht 30.05.2023 11:15:09
- Zuletzt bearbeitet 02.07.2026 17:01:47
Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection. In order to exploit this weakness, a user would already need elevated permissions (Op or...