It is possible for path traversal to occur with DAGs containing relative paths during retrieval. This can cause files to be overwritten, or written to incorrect output directories. The issue can only occur when a get is done on an affected DAG.
All versions up to 0.7.0
Upgrade to version 0.8.0-rc1 or above. Note: 0.8.0-rc1 may be an unstable version. Use caution.