Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-38362


Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.


Published

2022-08-16T14:15:08.310

Last Modified

2024-11-21T07:16:19.723

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses
  • Type: Primary
    NVD-CWE-noinfo

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application apache apache-airflow-providers-docker < 3.0.0 Yes

References