Wei Lee

#29296 of 53,632
8.8 Total CVSS
Vulnerabilities · 1
PT-2024-4769
8.8
2024-07-17
Apache · Apache Airflow · CVE-2024-39877
**Name of the Vulnerable Software and Affected Versions**

Apache Airflow versions 2.4.0 through 2.9.3

**Description**

This vulnerability allows authenticated DAG authors to craft a malicious `doc_md` parameter, potentially leading to arbitrary code execution within the scheduler context. This bypasses Airflow’s security model, which should prevent such actions.

The vulnerability stems from a lack of sanitization when processing the `doc_md` parameter, which is used to create descriptions for DAGs (Directed Acyclic Graphs) in the Airflow web interface. When `doc_md` does not have a '.md' extension, Airflow creates a template using `jinja2.Template(doc_md)`, resulting in a Server-Side Template Injection (SSTI) condition. Attackers can leverage Python’s introspection capabilities to enumerate classes and execute commands, potentially compromising the system. Exploitation requires the ability to create DAGs on the Airflow server.

**Recommendations**

Upgrade to Apache Airflow version 2.9.3 or later to resolve this issue.