CVE-2022-40754
URL Redirection to Untrusted Site ('Open Redirect') in pypi/apache-airflow
Identifiers
CVE-2022-40754
Package Slug
pypi/apache-airflow
Vulnerability
URL Redirection to Untrusted Site ('Open Redirect')
Description
In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's /confirm endpoint.
Affected Versions
All versions starting from 2.3.0 up to 2.3.4
Solution
Upgrade to version 2.4.0 or above.
Last Modified
2022-09-23
| source |