CVE advisoryKnown Exploit
CVE-2020-11978
Apache Airflow Command Injection Vulnerability
Halo Surface Signal: 3 out of 5 — possibly public-facing.
A vulnerability in Apache Airflow's example DAGs allows authenticated users to run arbitrary commands. This could impact systems by enabling unauthorized command execution, potentially compromising data and operational integrity. Organizations are advised to disable example DAGs or update Apache Airflow.