Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.
2022-08-16T14:15:08.310
2024-11-21T07:16:19.723
Modified
CVSSv3.1: 8.8 (HIGH)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | apache | apache-airflow-providers-docker | < 3.0.0 | Yes |