CVE-2020-11978 is a command injection vulnerability impacting Apache Airflow versions 1.10.10 and earlier. An exploit was observed in open source and a link to an exploit was shared in the underground.
PoC Links(if available):
Packet Storm exploit –
Known Counter Measures:
Apache addressed the vulnerability in Airflow version 1.10.11.
Links to patches(if available)