Hacker News new | past | comments | ask | show | jobs | submit login
High Rated CVSS Apache Airflow Remote Code Execution (securelayer7.net)
3 points by sandeep_kamble 9 months ago | hide | past | favorite | 1 comment



The blog post discusses a vulnerability (CVE-2024-39877) in Apache Airflow, allowing authenticated users to execute arbitrary code via the doc_md parameter. The issue involves improper handling of Jinja2 templates, leading to potential security risks.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: