oss-sec mailing list archives
CVE-2020-17513: Apache Airflow Server-Side Request Forgery (SSRF) in Charts & Query View
From: Kaxil Naik <kaxilnaik () apache org>
Date: Fri, 11 Dec 2020 15:51:52 +0000
Versions Affected: < 1.10.13 Description: The Charts and Query View of the old (Flask-admin based) UI were vulnerable for SSRF attack. Thanks, Kaxil, on behalf of Apache Airflow PMC
Current thread:
- CVE-2020-17513: Apache Airflow Server-Side Request Forgery (SSRF) in Charts & Query View Kaxil Naik (Dec 11)