Apache Airflow is an open source platform for creating, managing and monitoring workflows from the Apache Foundation. The platform is scalable and dynamically monitored, etc. A remote code execution vulnerability exists in versions of Apache Airflow prior to 3.0.0. The vulnerability stems from the fact that the code provided in the sample DAG on the Airflow work host is vulnerable to exploitation by (authenticated) remote code. An attacker could exploit this vulnerability to cause remote code execution.