oss-sec mailing list archives
CVE-2022-45402: Apache Airflow: Open redirect during login
From: Jedidiah Cunningham <jedcunningham () apache org>
Date: Tue, 15 Nov 2022 00:16:10 +0000
Description: In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's `/login` endpoint. Credit: The Apache Airflow PMC would like to thank Bugra Eskici for reporting this issue. References: https://github.com/apache/airflow/pull/27576
Current thread:
- CVE-2022-45402: Apache Airflow: Open redirect during login Jedidiah Cunningham (Nov 15)