← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-11978 — Actively Exploited: Airflow (Apache)

A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.

CVE IDCVE-2020-11978
VendorApache
ProductAirflow
Vulnerability nameApache Airflow Command Injection
Date added2022-01-18
Remediation due2022-07-18
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionA remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →