Silas Boch

Rank: #41781 of 53,632
Total CVSS: 6.5
Vulnerabilities: 1

PT-2026-45363 · CVSS 6.5 · 2026-06-01
Apache · Apache Airflow · CVE-2026-40861
**Name of the Vulnerable Software and Affected Versions**

Apache Airflow versions prior to 3.2.2

**Description**

A flaw in the `FileTaskHandler` allows a DAG author to access or modify files outside the configured `base_log_folder` when the worker log folder is shared with the API server. This can be achieved through a read-path attack by creating a symlink in the task's log directory pointing to an arbitrary file readable by the API server process, such as `/etc/passwd` or `airflow.cfg`. Alternatively, a write-path attack can be performed by providing a `task_id` containing `..` sequences that are accepted by the Task SDK's `KEY_REGEX`. These actions can lead to the leakage or overwriting of arbitrary files.

**Recommendations**

Upgrade to version 3.2.2 or later. Deploy the worker and API server with separate log volumes so that worker-controlled paths cannot reach the API server's filesystem.