Apache Airflow: SSTI to Code Execution in Airflow through Shared DB Information
Description
A DAG Author (a role that already carries substantial permissions) could manipulate the Airflow 2 metadata database so that arbitrary code is executed in the web-server context, which that role should not normally be able to do. The result is potential remote code execution in the web server (server-side) when a user views historical task information.
The functionality responsible (log template history) has been disabled by default in 2.11.1. Users who want to keep using log template history should upgrade to Airflow 3. Alternatively, they can manually rename historical log files so that logs generated before the last log template change remain viewable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Airflow DAG Authors can achieve remote code execution in the web server via SSTI through the LogTemplate table; the log template history feature that made this possible is disabled by default as of 2.11.1.
Vulnerability Analysis
CVE-2024-56373 is a server-side template injection (SSTI) vulnerability in Apache Airflow 2 that allows a DAG Author, a user who already holds significant privileges, to execute arbitrary code in the web-server process. The root cause lies in the log template history feature: when the web server locates a task's log file it renders the filename template stored in the LogTemplate table, and that database content is trusted as if it were the operator-set configuration value. An attacker with DAG Author permissions can write a malicious Jinja2 template expression into the LogTemplate table, which is then executed when the web server renders the log file name for display [2][3].
Exploitation Path
To exploit this vulnerability, an attacker must first have DAG Author access. In Airflow 2 that role already implies the ability to write to the metadata database, because DAG code runs inside scheduler and worker processes that hold database credentials. By altering LogTemplate records (for example with direct SQL), the attacker embeds a template payload in the stored filename template. When any user, including the attacker, views historical task information in the Airflow UI, the web server renders the stored template without restriction, leading to arbitrary code execution in the web-server process. No further authentication is required beyond the initial DAG Author role [3].
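As an added example (not Airflow's own code and not part of the original advisory text), the following audit walks the filename column of Airflow 2's log_template table, the table the Analysis and Exploitation Path sections describe, and flags any stored template that does more than read a handful of task-instance fields. The allow-list, the dangerous-operator set and the sample rows are constructed assumptions for this illustration; the table and column names are those of the Airflow 2 metadata schema. It uses only the standard library so it can be run over rows exported from the database without importing Airflow or Jinja2.

```python
import re

# Names a log file-name template legitimately reads.  This allow-list is an
# assumption based on Airflow 2's default log_filename_template; extend it if a
# deployment's template references other fields.
ALLOWED_NAMES = {
    "ti", "dag_id", "run_id", "task_id", "map_index", "try_number",
    "if", "elif", "else", "endif", "and", "or", "not",
}

# Operators that have no place in a file name: calls, subscripts, filters,
# arithmetic and concatenation are how a Jinja payload reaches beyond a field.
DANGEROUS_OPS = {"(", ")", "[", "]", "|", "~", ",", "+", "*", "/", "%"}

_BLOCK_RE = re.compile(r"\{\{(.*?)\}\}|\{%(.*?)%\}", re.S)
_TOKEN_RE = re.compile(
    r"""(?P<str>'[^']*'|"[^"]*")            # string literal
       |(?P<name>[A-Za-z_][A-Za-z0-9_]*)    # identifier / keyword
       |(?P<num>\d+)                        # integer literal
       |(?P<op>>=|<=|==|!=|[.<>\[\]()|,+\-*/%~])
       |(?P<ws>\s+)
       |(?P<bad>.)                          # anything else
    """,
    re.X,
)


def check_expression(body):
    """Return the reasons one {{ ... }} or {% ... %} body is not a plain field read."""
    reasons = []
    for m in _TOKEN_RE.finditer(body):
        kind, tok = m.lastgroup, m.group()
        if kind == "str":
            reasons.append(f"string literal {tok}")
        elif kind == "name" and tok.startswith("_"):
            reasons.append(f"underscore name {tok}")
        elif kind == "name" and tok not in ALLOWED_NAMES:
            reasons.append(f"unexpected identifier {tok}")
        elif kind == "op" and tok in DANGEROUS_OPS:
            reasons.append(f"operator {tok}")
        elif kind == "bad":
            reasons.append(f"unexpected character {tok!r}")
    return reasons


def audit_log_templates(rows):
    """rows: iterable of (id, filename) as returned by
    SELECT id, filename FROM log_template;

    Returns {id: [reasons]} for every row whose template contains anything
    other than simple reads of allow-listed fields.
    """
    flagged = {}
    for row_id, filename in rows:
        reasons = []
        for m in _BLOCK_RE.finditer(filename):
            body = m.group(1) if m.group(1) is not None else m.group(2)
            reasons.extend(check_expression(body))
        if reasons:
            flagged[row_id] = reasons
    return flagged


# Constructed sample rows (not taken from any real deployment).  Row 1 is the
# Airflow 2 default template; row 2 is a plausible operator customisation; rows
# 3 and 4 are tampered entries that walk the object graph and apply a filter.
SAMPLE_ROWS = [
    (1, "dag_id={{ ti.dag_id }}/run_id={{ ti.run_id }}/task_id={{ ti.task_id }}/"
        "{% if ti.map_index >= 0 %}map_index={{ ti.map_index }}/{% endif %}"
        "attempt={{ try_number }}.log"),
    (2, "{{ ti.dag_id }}/{{ ti.task_id }}/{{ try_number }}.log"),
    (3, "{{ ti.__class__.__mro__[1].__subclasses__() }}.log"),
    (4, "{{ ti.dag_id | attr('__dict__') }}.log"),
]

if __name__ == "__main__":
    for row_id, reasons in sorted(audit_log_templates(SAMPLE_ROWS).items()):
        print(f"log_template id={row_id}: {', '.join(reasons)}")
```

A flagged row means something wrote to log_template outside the normal configuration path, which is exactly the write the advisory describes. Per the advisory, 2.11.1 no longer renders these historical rows by default, but the tampered rows are still evidence worth investigating, and the same check can be applied to the configured log_filename_template value before an upgrade.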
Impact
Successful exploitation results in remote code execution (RCE) in the Airflow web-server process. An attacker can execute arbitrary Python code there, potentially leading to data exfiltration, privilege escalation, or lateral movement within the infrastructure. The CVSS v4.0 severity is rated medium, reflecting the privileged role the attacker must already hold, but the practical impact is high: the web server itself is fully compromised [2][3].
Mitigation
The vulnerability is addressed in Apache Airflow 2.11.1, where the log template history functionality is disabled by default. Users who require the feature are advised to upgrade to Airflow 3, where it can continue to be used. For logs written before the last template change, administrators can instead manually rename the historical log files to match the current template, so that no template has to be read from the database. The fix landed in pull request #61880, which disables the database-backed template lookup when rendering log file names by default, removing the injection vector [3][4].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| apache-airflow (PyPI) | < 2.11.1 | 2.11.1 |
Affected products
- Apache Software Foundation / Apache Airflow
References
- [1] https://github.com/apache/airflow/pull/61880 (patch)
- [2] https://github.com/advisories/GHSA-r837-hpv7-pc2f (GitHub Security Advisory)
- [3] https://lists.apache.org/thread/2vrmrhcht6g7cp5yjxpnrk2wtrncm6cy (Apache vendor advisory)
- [4] https://nvd.nist.gov/vuln/detail/CVE-2024-56373 (NVD entry)
- [5] https://www.openwall.com/lists/oss-security/2026/02/23/3 (oss-security post)