{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32794", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2026-03-16T10:17:35.548Z", "datePublished": "2026-03-30T21:43:38.144Z", "dateUpdated": "2026-03-31T13:31:19.039Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://pypi.python.org", "defaultStatus": "unaffected", "packageName": "apache-airflow-providers-databricks", "product": "Apache Airflow Provider for Databricks", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "1.12.0", "status": "affected", "version": "1.10.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Kai Aizen"}, {"lang": "en", "type": "remediation developer", "value": "Marcin Wojtyczka"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Improper Certificate Validation vulnerability in Apache Airflow Provider for Databricks. Provider code did not validate certificates for connections to Databricks back-end which could result in a man-of-a-middle attack that traffic is intercepted and manipulated or credentials exfiltrated w/o notice.</p><p>This issue affects Apache Airflow Provider for Databricks: from 1.10.0 before 1.12.0.</p><p>Users are recommended to upgrade to version 1.12.0, which fixes the issue.</p>"}], "value": "Improper Certificate Validation vulnerability in Apache Airflow Provider for Databricks. Provider code did not validate certificates for connections to Databricks back-end which could result in a man-of-a-middle attack that traffic is intercepted and manipulated or credentials exfiltrated w/o notice.\n\nThis issue affects Apache Airflow Provider for Databricks: from 1.10.0 before 1.12.0.\n\nUsers are recommended to upgrade to version 1.12.0, which fixes the issue."}], "metrics": [{"other": {"content": {"text": "low"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2026-03-30T21:43:38.144Z"}, "references": [{"tags": ["patch"], "url": "https://github.com/apache/airflow/pull/63704"}, {"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/hn17yqsgsdtl81llvhf80rkp53hnz5nb"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache Airflow Provider for Databricks: TLS Certificate Verification Disabled in Databricks Provider K8s Token Exchange", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/03/30/9"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-03-30T23:11:36.468Z"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-31T13:31:16.526806Z", "id": "CVE-2026-32794", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T13:31:19.039Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/03/30/9"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-03-30T23:11:36.468Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-32794", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-31T13:31:16.526806Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T13:30:57.383Z"}}], "cna": {"title": "Apache Airflow Provider for Databricks: TLS Certificate Verification Disabled in Databricks Provider K8s Token Exchange", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "Kai Aizen"}, {"lang": "en", "type": "remediation developer", "value": "Marcin Wojtyczka"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "low"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache Airflow Provider for Databricks", "versions": [{"status": "affected", "version": "1.10.0", "lessThan": "1.12.0", "versionType": "semver"}], "packageName": "apache-airflow-providers-databricks", "collectionURL": "https://pypi.python.org", "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/apache/airflow/pull/63704", "tags": ["patch"]}, {"url": "https://lists.apache.org/thread/hn17yqsgsdtl81llvhf80rkp53hnz5nb", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Improper Certificate Validation vulnerability in Apache Airflow Provider for Databricks. Provider code did not validate certificates for connections to Databricks back-end which could result in a man-of-a-middle attack that traffic is intercepted and manipulated or credentials exfiltrated w/o notice.\n\nThis issue affects Apache Airflow Provider for Databricks: from 1.10.0 before 1.12.0.\n\nUsers are recommended to upgrade to version 1.12.0, which fixes the issue.", "supportingMedia": [{"type": "text/html", "value": "<p>Improper Certificate Validation vulnerability in Apache Airflow Provider for Databricks. Provider code did not validate certificates for connections to Databricks back-end which could result in a man-of-a-middle attack that traffic is intercepted and manipulated or credentials exfiltrated w/o notice.</p><p>This issue affects Apache Airflow Provider for Databricks: from 1.10.0 before 1.12.0.</p><p>Users are recommended to upgrade to version 1.12.0, which fixes the issue.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2026-03-30T21:43:38.144Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32794", "state": "PUBLISHED", "dateUpdated": "2026-03-31T13:31:19.039Z", "dateReserved": "2026-03-16T10:17:35.548Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2026-03-30T21:43:38.144Z", "assignerShortName": "apache"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:airflow_providers_databricks:*:*:*:*:*:*:*:*", "matchCriteriaId": "89CF59C2-CDC8-4C1A-8FD8-BCAA850355ED", "versionEndExcluding": "1.12.0", "versionStartIncluding": "1.10.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Certificate Validation vulnerability in Apache Airflow Provider for Databricks. Provider code did not validate certificates for connections to Databricks back-end which could result in a man-of-a-middle attack that traffic is intercepted and manipulated or credentials exfiltrated w/o notice.\n\nThis issue affects Apache Airflow Provider for Databricks: from 1.10.0 before 1.12.0.\n\nUsers are recommended to upgrade to version 1.12.0, which fixes the issue."}, {"lang": "es", "value": "Vulnerabilidad de Validaci\u00f3n de Certificado Incorrecta en el Proveedor de Apache Airflow para Databricks. El c\u00f3digo del proveedor no validaba los certificados para las conexiones al *back-end* de Databricks, lo que podr\u00eda dar lugar a un ataque de intermediario en el que el tr\u00e1fico es interceptado y manipulado o las credenciales son exfiltradas sin previo aviso.\n\nEste problema afecta al Proveedor de Apache Airflow para Databricks: desde la versi\u00f3n 1.10.0 hasta antes de la 1.12.0.\n\nSe recomienda a los usuarios actualizar a la versi\u00f3n 1.12.0, que corrige el problema."}], "id": "CVE-2026-32794", "lastModified": "2026-04-02T20:26:24.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-30T22:16:18.760", "references": [{"source": "security@apache.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/apache/airflow/pull/63704"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/hn17yqsgsdtl81llvhf80rkp53hnz5nb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2026/03/30/9"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "security@apache.org", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[1.10.0,1.12.0)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}]}, "product": "airflow_provider_for_databricks", "vendor": "apache"}], "analysis": {"en": {"generated_at": "2026-04-02T22:05:52.940231+00:00", "value": {"mitigation_remediation": ["Upgrade the Airflow Databricks provider to version 1.12.0 or later, which restores certificate verification during the Kubernetes token exchange.", "Verify that TLS certificate validation is enabled in your Airflow configuration and that you are using a trusted Databricks service endpoint.", "Monitor network traffic for anomalous connections and ensure that your Airflow logs reflect successful certificate verification failures if any."], "summary": {"action": "Immediate Upgrade", "impact": "Man-in-the-Middle"}, "threat_synthesis": {"affected_systems": "Apache Airflow Provider for Databricks, released by the Apache Software Foundation, is affected in versions starting from 1.10.0 up to but excluding 1.12.0. The provider facilitates connections between Airflow DAGs and Databricks workspaces; the vulnerability specifically lies in the token exchange used when the provider runs on Kubernetes, where TLS certificate verification is disabled. Users deploying these versions should check if they are within this range.", "description_and_impact": "Improper certificate validation in the Databricks provider for Apache Airflow allows an attacker to perform a man\u2011in\u2011the\u2011middle attack. By bypassing TLS verification, the attacker can intercept, modify or eavesdrop on traffic between Airflow and Databricks, potentially exfiltrating credentials and altering job submissions. The weakness is classified as CWE\u2011295, an insecure design in which encryption is not validated.", "risk_and_exploitability": "With a CVSS base score of 4.8, the vulnerability is considered moderate. The EPSS score of less than 1% indicates low public exploitation probability, and the issue is not listed in the CISA KEV catalog. Nevertheless, because the vulnerability stems from unverified certificates, an attacker positioned to observe the network path could carry out a silent MITM operation. The attack vector is inferred to be remote over the network between Airflow and Databricks, requiring no local vulnerabilities but relying on insecure certificate handling."}}}}, "created": "2026-03-31T19:57:08.867830+00:00", "updated": "2026-04-03T09:38:00.360847+00:00", "vendors": ["apache", "apache$PRODUCT$airflow_provider_for_databricks"]}