Vulnerability Database

296,317

Total vulnerabilities in the database

CVE-2022-40754

In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's /confirm endpoint.

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWEs:

Software From Fixed in
apache / airflow 2.3.0 2.3.4.x
Python icon apache-airflow 2.3.0 2.4.0b1