[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2022-45402: Apache Airflow: Open redirect during login
From:       Jedidiah Cunningham <jedcunningham () apache ! org>
Date:       2022-11-15 0:16:10
Message-ID: 8f6f67ee-1601-7bf2-06de-5b105329ea7a () apache ! org
[Download RAW message or body]

Description:

In Apache Airflow versions prior to 2.4.3, there was an open redirect in =
the webserver's `/login` endpoint.

Credit:

The Apache Airflow PMC would like to thank Bugra Eskici for reporting this =
issue.

References:

https://github.com/apache/airflow/pull/27576


[prev in list] [next in list] [prev in thread] [next in thread]