Описание
Insecure default config of Celery worker in Apache Airflow
An issue was found in Apache Airflow versions 1.10.10 and below. When using CeleryExecutor, if an attack can connect to the broker (Redis, RabbitMQ) directly, it was possible to insert a malicious payload directly to the broker which could lead to a deserialization attack (and thus remote code execution) on the Worker.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-11982
- https://github.com/apache/airflow/pull/13612
- https://github.com/apache/airflow/pull/7205
- https://github.com/advisories/GHSA-9g2w-5f3v-mfmm
- https://github.com/pypa/advisory-database/tree/main/vulns/apache-airflow/PYSEC-2020-16.yaml
- https://lists.apache.org/thread.html/r7255cf0be3566f23a768e2a04b40fb09e52fcd1872695428ba9afe91%40%3Cusers.airflow.apache.org%3E
Пакеты
apache-airflow
< 1.10.11
1.10.11
EPSS
9.3 Critical
CVSS4
9.8 Critical
CVSS3
CVE ID
Дефекты
Связанные уязвимости
An issue was found in Apache Airflow versions 1.10.10 and below. When using CeleryExecutor, if an attack can connect to the broker (Redis, RabbitMQ) directly, it was possible to insert a malicious payload directly to the broker which could lead to a deserialization attack (and thus remote code execution) on the Worker.
An issue was found in Apache Airflow versions 1.10.10 and below. When ...
Уязвимость программного обеспечения создания, мониторинга и оркестрации сценариев обработки данных Airflow, связанная с восстановлением в памяти недостоверной структуры данных, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
EPSS
9.3 Critical
CVSS4
9.8 Critical
CVSS3