CVE-2026-49297 PUBLISHED

Apache Airflow Google provider: Path traversal via GCS object names → local/SFTP filesystem (GCSToSFTPOperator + GCSTimeSpanFileTransformOperator)

Assigner: apache
Reserved: 28.05.2026 Published: 06.07.2026 Updated: 06.07.2026

Apache Airflow's Google provider operators GCSToSFTPOperator and GCSTimeSpanFileTransformOperator joined GCS object names returned by the bucket listing API directly to a destination filesystem path without normalisation or containment check. A user with write access to the source GCS bucket (typically a different trust principal than the DAG author — partner uploads, ingest-only service accounts, public-data buckets) could create an object whose name contains .. segments and cause the DAG run to write the downloaded blob outside the configured destination (the SFTP destination_path for GCSToSFTPOperator; the worker-local temp directory for GCSTimeSpanFileTransformOperator), enabling overwrite of arbitrary files on the SFTP server or the worker host. Affects deployments that ingest from buckets writable by less-trusted principals. Users are advised to upgrade to apache-airflow-providers-google 22.2.1 or later.

Product Status

Vendor Apache Software Foundation
Product Apache Airflow Google provider
Versions Default: unaffected
  • affected from 0 to 22.2.1 (excl.)

Credits

  • anonymous finder
  • Jarek Potiuk remediation developer

References

Problem Types

  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE