Lucene search
China National Vulnerability DatabaseCNVD-2022-59057HistoryAug 19, 2022 - 12:00 a.m.
Apache Airflow Remote Code Execution Vulnerability (CNVD-2022-59057)
2022-08-1900:00:00
China National Vulnerability Database
www.cnvd.org.cn
19
apache airflow
open source
workflows
remote code exec
vulnerability
EPSS
0.001
Percentile
34.0%
Apache Airflow is an open source platform for creating, managing and monitoring workflows from the Apache Foundation. The platform is scalable and dynamically monitored, etc. A remote code execution vulnerability exists in versions of Apache Airflow prior to 3.0.0. The vulnerability stems from the fact that the code provided in the sample DAG on the Airflow work host is vulnerable to exploitation by (authenticated) remote code. An attacker could exploit this vulnerability to cause remote code execution.
Related
veracode
veracode
Remote Code Execution (RCE)
2022-08-17 04:35:26
github
github
Remote code execution in Apache Airflow Docker's Provider
2022-08-17 00:00:21
cve
cve
CVE-2022-38362
2022-08-16 14:15:08
osv
osv
Remote code execution in Apache Airflow Docker's Provider
2022-08-17 00:00:21
cvelist
cvelist
CVE-2022-38362 Docker Provider <3.0 RCE vulnerability in example dag
2022-08-16 14:10:09
hackerone
hackerone
nvd
nvd
CVE-2022-38362
2022-08-16 14:15:08
prion
prion
Design/Logic Flaw
2022-08-16 14:15:00