CVE-2018-20245
CVE-2018-20245 affects Apache Airflow versions prior to 1.10.1, where the LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) had improper exception handling that disabled server certificate checking. This misconfiguration enables potential Man‑in‑the‑Middle risks against LDAP connections...