This is an automated email from the ASF dual-hosted git repository.
ephraimanierobi pushed a commit to branch v3-1-test
in repository https://gitbox.apache.org/repos/asf/airflow.git
commit 745fd6a5ae8c5a410839da473cd2b07869373573
Author: github-actions[bot]
<41898282+github-actions[bot]@users.noreply.github.com>
AuthorDate: Mon Nov 3 13:25:09 2025 +0100
[v3-1-test] Add link to Airflow CVEs in MITRE CVE database. (#57683)
(#57689)
(cherry picked from commit 365e0a64a6983c6ae305a775f547ad49fc6c4a04)
Co-authored-by: Jarek Potiuk <[email protected]>
---
airflow-core/docs/security/index.rst | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/airflow-core/docs/security/index.rst
b/airflow-core/docs/security/index.rst
index b9f79e2ee70..28c72974251 100644
--- a/airflow-core/docs/security/index.rst
+++ b/airflow-core/docs/security/index.rst
@@ -26,6 +26,13 @@ the different user types of Apache Airflow®, what they have
access to, and the
Also, if you want to understand how Airflow releases security patches and what
to expect from them,
head over to :doc:`Releasing security patches
</security/releasing_security_patches>`.
+There are number of services where you can track security issues reported and
announced by Airflow same as for
+any of the projects following the standard CVE databases.
+
+One such database is run by the MITRE corporation and you can search
+for `Airflow CVEs
<https://www.cve.org/CVERecord/SearchResults?query=apache+airflow>`_
+there, however you might use whatever database you and your organization
prefers to track security issues and CVEs.
+
Follow the below topics as well to understand other aspects of Airflow
security:
.. toctree::
