Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Apache Software Foundation

Apache Airflow

Affected Versions:

Apache Airflow Docker Provider

References

https://lists.apache.org/thread/614p38nf4gbk8xhvnskj9b1sqo2dknkb

http://www.openwall.com/lists/oss-security/2022/08/16/1

Published: 2022-08-16T14:10:09

Last Modified: 2024-08-03T10:54:03.738Z

Copied to clipboard!