oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2022-45402: Apache Airflow: Open redirect during login

From: Jedidiah Cunningham <jedcunningham () apache org>
Date: Tue, 15 Nov 2022 00:16:10 +0000
Description:

In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's `/login` endpoint.

Credit:

The Apache Airflow PMC would like to thank Bugra Eskici for reporting this issue.

References:

https://github.com/apache/airflow/pull/27576
Previous By Date Next
Previous By Thread Next

Current thread: