CVE-2022-40754
on github
Published
Severity
CVSS v3:
6.1 MEDIUM
CVSS v2:
N/A
Description
In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's `/confirm` endpoint.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* | 2.3.0 (including) | 2.3.4 (including) | * |