[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2022-40754: Apache Airflow: Open Redirect
From: Jedidiah Cunningham <jedcunningham () apache ! org>
Date: 2022-09-20 18:55:11
Message-ID: d3f78cdd-6521-812e-2914-1a289f602f3c () apache ! org
[Download RAW message or body]
Description:
In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the =
webserver's `/confirm` endpoint.
Credit:
The Apache Airflow PMC would like to thank Konstantin Weddige (Lutra =
Security) for reporting this issue.
References:
https://github.com/apache/airflow/pull/26409
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic