Exploit for OS Command Injection in Apache Airflow
Example: build demo stand: bash docker-compose up -d...
PYSEC-2021-122
If remote logging is not used, the worker (in the case of CeleryExecutor) or the scheduler (in the case of LocalExecutor) runs a Flask logging server that listens on a specific port and, by default, binds to 0.0.0.0. This logging server has no authentication and allows reading log files of DAG...
PYSEC-2020-15
An issue was found in Apache Airflow versions 1.10.10 and below. When using CeleryExecutor, if an attacker can connect to the broker (Redis, RabbitMQ) directly, it is possible to inject commands, resulting in the celery worker running arbitrary commands...
PT-2020-6686 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions 1.10.10 and below Description: The issue is related to the deserialization of untrusted data in Apache Airflow, which can lead to remote code execution. An attacker, acting remotely, can exploit this issue by inserting...
PT-2020-6688 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions 1.10.10 and below Description: The issue allows an attacker to inject commands if they can connect directly to the broker, such as Redis or RabbitMQ, when using CeleryExecutor. This can result in the celery worker...
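The broker-to-worker trust boundary behind PYSEC-2020-15, PT-2020-6686 and PT-2020-6688, as one added example that is not Airflow's or Celery's code: a worker that accepts any content type and runs whatever argv arrives in a task message, beside one that accepts JSON only and requires the argv to start with an expected prefix. The message layout (`headers` with task name and content type, raw `body`), the task name `execute_command`, the prefix `("airflow", "run")` and the `BrokerPayload` class are constructed for the example and are not the real Celery wire format.

```python
"""Added example: a worker's handling of messages read from the broker,
weak policy beside hardened policy. Constructed stand-in, not project code."""
import json
import pickle
import subprocess

EXECUTE_TASK = "execute_command"          # assumed task name
REQUIRED_PREFIX = ("airflow", "run")      # assumed argv prefix a real task has

FIRED = []  # records side effects caused by unpickling untrusted data


def record(marker: str) -> None:
    """Stand-in for the arbitrary callable a malicious pickle would name."""
    FIRED.append(marker)


class BrokerPayload:
    """Constructed object: unpickling it calls record() before any check runs."""
    def __reduce__(self):
        return (record, ("deserialized untrusted pickle",))


def decode_body(message: dict, accept_content: set):
    ctype = message["headers"]["content-type"]
    if ctype not in accept_content:
        raise ValueError(f"content-type {ctype!r} not accepted")
    if ctype == "application/json":
        return json.loads(message["body"])
    if ctype == "application/x-python-serialize":
        return pickle.loads(message["body"])  # reachable only if accepted
    raise ValueError(f"no decoder for {ctype!r}")


def check_command(argv, required_prefix: tuple) -> list:
    if not isinstance(argv, list) or not all(isinstance(a, str) for a in argv):
        raise ValueError("argv must be a list of strings")
    if required_prefix and tuple(argv[: len(required_prefix)]) != required_prefix:
        raise ValueError(f"command must start with {list(required_prefix)}")
    return argv


def worker_receive(message: dict, accept_content: set, required_prefix: tuple) -> list:
    """Returns the argv the worker would hand to subprocess (never a shell)."""
    if message["headers"]["task"] != EXECUTE_TASK:
        raise ValueError("unknown task")
    args, _kwargs, _embed = decode_body(message, accept_content)
    return check_command(args[0], required_prefix)


WEAK = dict(accept_content={"application/json", "application/x-python-serialize"},
            required_prefix=())
HARDENED = dict(accept_content={"application/json"}, required_prefix=REQUIRED_PREFIX)


def json_message(argv: list) -> dict:
    return {"headers": {"task": EXECUTE_TASK, "content-type": "application/json"},
            "body": json.dumps([[argv], {}, {}])}


def pickle_message(obj) -> dict:
    return {"headers": {"task": EXECUTE_TASK, "content-type": "application/x-python-serialize"},
            "body": pickle.dumps(([obj], {}, {}))}


def demo() -> dict:
    FIRED.clear()
    results = {}
    # 1. Command injection: an attacker with broker access writes a task
    #    message whose argv is not an Airflow command at all.
    injected = json_message(["echo", "ran from the broker"])
    argv = worker_receive(injected, **WEAK)
    results["vuln_cmd"] = subprocess.run(argv, capture_output=True, text=True).stdout.strip()
    try:
        worker_receive(injected, **HARDENED)
        results["hard_cmd"] = "executed"
    except ValueError as err:
        results["hard_cmd"] = str(err)
    legit = json_message(["airflow", "run", "example_dag", "task_a", "2020-07-01"])
    results["hard_legit"] = worker_receive(legit, **HARDENED)  # not run: no airflow here
    # 2. Deserialization: a pickled body executes code before argv is ever checked.
    evil = pickle_message(BrokerPayload())
    try:
        worker_receive(evil, **WEAK)
    except ValueError:
        pass  # the argv check fails, but record() has already fired
    results["vuln_pickle_fired"] = len(FIRED)
    try:
        worker_receive(evil, **HARDENED)
        results["hard_pickle"] = "accepted"
    except ValueError as err:
        results["hard_pickle"] = str(err)
    results["hard_pickle_fired"] = len(FIRED)
    return results


if __name__ == "__main__":
    print(demo())
```

Under the weak policy the injected `echo` runs and the pickle fires on load; under the hardened policy the pickle is rejected on content type before any bytes are deserialized, and a JSON argv is run only if it starts with the expected prefix. In Celery terms the first half corresponds to restricting `accept_content` to JSON; the prefix check is the part the worker itself must do, since the broker cannot vouch for who wrote the message.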