Sonicwall Signatures
Go to
All Categories
list.
Apache Airflow DAG Command Injection 4
Category:
WEB-ATTACKS
A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided run_id parameter. This issue affects Apache Airflow Apache Airflow versions prior to 2.4.0.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1594
© SonicWall 2020 |
Privacy Policy
|
Conditions for use
Version: 10.0
