3 matches found
abi-ds-utils (=1.0.1), airflow-add-ons (=0.2.9b1) +4 more potentially affected by CVE-2022-40754 via apache-airflow (>=2.3.2 <=2.4.0)
apache-airflow PYPI version =2.3.2, =0.1.0, =0.1.0, =0.10.0.1 Source cves: CVE-2022-40754 Source advisory: OSV:GHSA-4FG5-J4MM-WFPG...
CVE-2022-40754 Open Redirect
In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's /confirm endpoint...
CVE-2022-40754
Summary: CVE-2022-40754 affects Apache Airflow 2.3.0–2.3.4, describing an open redirect in the webserver’s /confirm endpoint. The root cause is an open redirect vulnerability that could enable attackers to lead users to a malicious site via an apparently legitimate URL. No exploitation details or...