Remote Code Execution Vulnerability in Apache Airflow Docker Provider

Remote Code Execution Vulnerability in Apache Airflow Docker Provider

CVE-2022-38362 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.

Learn more about our Cis Benchmark Audit For Docker.