/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CGA-xqf6-7pmq-h43m

Published

Last updated

https://images.chainguard.dev/security/CGA-xqf6-7pmq-h43m
Package

airflow-3

RepositoryWolfi
Latest Update
Pending upstream fix
Aliases
  • CVE-2025-50213
  • GHSA-9r64-3wmc-x8m8

Severity

9.8

Critical

CVSS V3

References

  • https://nvd.nist.gov/vuln/detail/CVE-2025-50213
  • https://github.com/advisories/GHSA-9r64-3wmc-x8m8

Updates

Status

Pending upstream fix

Impact

Airflow v3.0.2 tagged version has apache-airflow-providers-snowflake dipendency at version 6.2.1. We need to wait for upstream to release another version for Airflow that has the fixed dipendency at v6.4.0. At the moment upstream released it in a not-tagged Airflow version commit. Once upstream release a tagged version with a fixed apache-airflow-providers-snowflake, we can update it.

Status

Under investigation

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSCMMC 2.0Golden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsSupply Chain Security 101Chainguard CoursesDocumentationTrust CenterChainguard Slack Community

Company

About UsBlogPartnersNewsroomCareersLegal