CVE-2020-11978 – Apache Software Foundation / Airflow – Command injection

Click the icon to Follow me:- twitterTelegramRedditDiscord


CVE-2020-11978 is a command injection vulnerability impacting Apache Airflow versions 1.10.10 and earlier. An exploit was observed in open source and a link to an exploit was shared in the underground.

PoC Links(if available):

Packet Storm exploit –

Known Counter Measures:

Apache addressed the vulnerability in Airflow version 1.10.11.

Links to patches(if available)

Available for Amazon Prime