airflow@0.6 vulnerabilities

Placeholder for the old Airflow package

Direct Vulnerabilities

Known vulnerabilities in the airflow package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • M
Arbitrary Code Execution

airflow is a package to programmatically author, schedule and monitor data pipelines.

Affected versions of this package are vulnerable to Arbitrary Code Execution. Anyone able to modify the application's underlying database, or a computer where certain DAG tasks are executed, may execute arbitrary code on the Airflow host.

[0.1,)
  • H
Arbitrary Code Execution

airflow is a package to programmatically author, schedule and monitor data pipelines.

Affected versions of this package are vulnerable to Arbitrary Code Execution. User input is sent unchecked to the Python eval function, which directly executes the parameters. Any user who can create or edit charts may execute arbitrary code on the server.

[0.1,)
  • M
Arbitrary Code Execution

airflow is a placeholder for the old Airflow package.

Affected versions of this package are vulnerable to Arbitrary Code Execution due to a flaw in the code that evaluates a variable improperly, allowing an attacker to hijack the interpreter.

How to fix Arbitrary Code Execution?

There is no fixed version for airflow.

[0.1,)