CVE-2024-56373

EPSS 0.04%
Veröffentlicht 24.02.2026 10:16:02
Zuletzt bearbeitet 24.02.2026 21:05:08
Quelle security@apache.org
CVE-Watchlists
Login
Unerledigt
Login

Apache Airflow: SSTI to Code Execution in Airflow through Shared DB Information

DAG Author (who already has quite a lot of permissions) could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server (server-side) as a result of a user viewing historical task information.

The functionality responsible for that (log template history) has been disabled by default in 2.11.1 and users should upgrade to Airflow 3 if they want to continue to use log template history. They can also manually modify historical log file names if they want to see historical logs that were generated before the last log template change.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apache ≫ Airflow Version < 2.11.1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.115

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.4	1.7	6	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

https://github.com/apache/airflow/pull/61880

Issue Tracking

https://lists.apache.org/thread/2vrmrhcht6g7cp5yjxpnrk2wtrncm6cy

Vendor Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2026/02/23/3

Third Party Advisory

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2024-56373

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-56373

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-56373

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-56373