Apache Apache-airflow-providers-ftp
2 CVEs affecting Apache Apache-airflow-providers-ftp. Latest disclosed: 2026-06-26. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-49486 | High | 7.5 | 2026-06-26 | The Apache Airflow FTP provider's `FTPSHook.get_conn()` created an `ftplib.FTP_TLS` connection but never called `prot_p()`, so although the control channel was… |
CVE-2024-29733 | Low | 2.7 | 2024-04-21 | Improper Certificate Validation vulnerability in Apache Airflow FTP Provider. The FTP hook lacks complete certificate validation in FTP_TLS connections, which… |