Product Research Enterprise Plans Docs

PyPi: Airflow-Duckdb

CVE-2024-26130

Transitive

Safety vulnerability ID: 65643

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Feb 21, 2024 Updated at Feb 28, 2024

Scan your Python projects for vulnerabilities →

Advisory

Airflow-duckdb version 0.1.1 updates its cryptography dependency from 42.0.2 to 42.0.4 to address the security issue CVE-2024-26130, enhancing its security features.
https://github.com/hussein-awala/airflow-duckdb/commit/bdae387e9ee2c7045091b20632a740236405e54c

Affected package

airflow-duckdb

Latest version: 0.1.2

A package to run DuckDB queries from Apache Airflow

Affected versions

Fixed versions

Vulnerability changelog

What's Changed
* fix(security): bump cryptography version to fix CVE-2024-26130 by hussein-awala in https://github.com/hussein-awala/airflow-duckdb/pull/2

**Full Changelog**: https://github.com/hussein-awala/airflow-duckdb/compare/0.1.0...0.1.1

Resources

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26130

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application