[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2022-40754: Apache Airflow: Open Redirect
From:       Jedidiah Cunningham <jedcunningham () apache ! org>
Date:       2022-09-20 18:55:11
Message-ID: d3f78cdd-6521-812e-2914-1a289f602f3c () apache ! org
[Download RAW message or body]

Description:

In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the =
webserver's `/confirm` endpoint.

Credit:

The Apache Airflow PMC would like to thank Konstantin Weddige (Lutra =
Security) for reporting this issue.

References:

https://github.com/apache/airflow/pull/26409


[prev in list] [next in list] [prev in thread] [next in thread]