Security Advisory

CVE-2022-40127

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-14 00:00:00

Last updated 2025-04-30 18:58:45

Assigner apache

State PUBLISHED

Description

A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided run_id parameter. This issue affects Apache Airflow Apache Airflow versions prior to 2.4.0.

← Browse all CVEs View on cve.org ↗