CVE-2022-40604
pypi/apache-airflow
Use of Externally-Controlled Format String
In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction.
All versions starting from 2.3.0 up to 2.3.4
Upgrade to version 2.4.0 or above.
2022-09-23
source |