Lucene search
ApacheCVELIST:CVE-2022-40604HistorySep 21, 2022 - 7:25 a.m.
CVE-2022-40604 Format String Vulnerability
2022-09-2107:25:11
CWE-134
apache
www.cve.org
5
cve
format string vulnerability
apache airflow 2.3.0
information extraction
EPSS
0.001
Percentile
50.5%
In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction.
CNA Affected
[
{
"product": "Apache Airflow",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "2.3.0",
"versionType": "custom"
}
]
}
]Related
veracode
veracode
Information Disclosure
2022-09-23 09:00:37
nvd
nvd
CVE-2022-40604
2022-09-21 08:15:08
prion
prion
Information disclosure
2022-09-21 08:15:00
osv
osv
CVE-2022-40604
2022-09-21 08:15:08
Apache Airflow vulnerable to Use of Externally-Controlled Format String
2022-09-22 22:40:27
BIT-airflow-2022-40604
2024-03-06 10:57:16
github
github
Apache Airflow vulnerable to Use of Externally-Controlled Format String
2022-09-22 22:40:27
cve
cve
CVE-2022-40604
2022-09-21 08:15:08
cnvd
cnvd
Apache Airflow Information Disclosure Vulnerability (CNVD-2022-73695)
2022-09-24 00:00:00