Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

29 matches found

NVD
NVDadded 2022/08/16 2:15 p.m.25 views

CVE-2022-38362

Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to authenticated remote code exploit of code on the Airflow worker host...

8.8CVSS0.01602EPSS
Exploits0References2
OSV
OSVadded 2022/08/16 2:15 p.m.3 views

CVE-2022-38362

Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to authenticated remote code exploit of code on the Airflow worker host...

8.8CVSS6.1AI score0.01602EPSS
Exploits0References2
CVE
CVEadded 2022/08/16 2:10 p.m.71 views

CVE-2022-38362

CVE-2022-38362 affects the Apache Airflow Docker provider prior to 3.0.0. The issue stems from an example DAG shipped with the provider and is exploitable via authenticated remote code execution on the Airflow worker host, involving a BashOperator call and a template-controlled parameter (source_...

8.8CVSS8.8AI score0.01602EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2022/08/16 2:10 p.m.34 views

CVE-2022-38362 Docker Provider <3.0 RCE vulnerability in example dag

Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to authenticated remote code exploit of code on the Airflow worker host...

9.1AI score0.01602EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEVadded 2022/01/18 12:0 a.m.2 views

VulnCheck KEV: CVE-2020-11978

A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow...

8.8CVSS7.3AI score0.99118EPSS
Exploits9References1
CISA KEV Catalog
CISA KEV Catalogadded 2022/01/18 12:0 a.m.24 views

Apache Airflow Command Injection

A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow...

8.8CVSS2.8AI score0.99118EPSS
In wildExploits9
0day.today
0day.todayadded 2021/06/02 12:0 a.m.144 views

Apache Airflow 1.10.10 - (Example Dag) Remote Code Execution Exploit

Exploit Title: Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution Exploit Author: Pepe Berba Vendor Homepage: https://airflow.apache.org/ Software Link: https://airflow.apache.org/docs/apache-airflow/stable/installation.html Version: = 1.10.10 Tested on: Docker apache/airflow:1.10 .10...

9.8CVSS9.3AI score0.997EPSS
Exploits10
Packet Storm
Packet Stormadded 2021/06/02 12:0 a.m.346 views

Apache Airflow 1.10.10 Remote Code Execution

Exploit Title: Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution Date: 2021-06-02 Exploit Author: Pepe Berba Vendor Homepage: https://airflow.apache.org/ Software Link: https://airflow.apache.org/docs/apache-airflow/stable/installation.html Version: = 1.10.10 Tested on: Docker...

7.5CVSS0.2AI score0.997EPSS
Exploits10
PyPA
PyPAadded 2020/07/17 12:15 a.m.3 views

PYSEC-2020-14

An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending o...

8.8CVSS7.6AI score0.99118EPSS
Exploits9References2Affected Software1
Rows per page
Query Builder