by vicarius
log in join community
by @jakaba
03 Aug 2023
#cve_analysis

Write a blog analysis for a CVE

publish

RCE via example DAG in Apache Airflow (CVE-2022-40127)

by @jakaba
by @jakaba
03 Aug 2023
#cve_analysis

Write a blog analysis for a CVE

publish

RCE via example DAG in Apache Airflow (CVE-2022-40127)

CVEs

CVE-2022-40127
8.8 High Severity

Apps

A
AirflowApache
1.0.0:.*
2.0.0:.*
*.*
1.7.1.3.*
1.7.1.2.*
1.7.1.1.*
1.10.11.*
1.10.12.*
0.4.5.*
1.10.8.*

Screenshots from the blog posts

images/clks8aknn08in1jnafx1p0i7c.jpgimages/clks8aknn08in1jnafx1p0i7c.jpg

Summary

In this writeup, we delve into the analysis of command injection vulnerability (known as CVE-2022-40127) leading to remote command execution (RCE) found in Apache Airflow.

Description

Tags

#RCE#APACHE#CVE-2022-40127#Airflow
users/photos/clj8b3h1k16g10uoihwvzgsxi.png

@jakaba

44 posts

Total vcoins

41.1K

Social media links

Comments (0)