CVE-2022-43985

Published: Nov 2, 2022
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-43985" target="_blank" rel="noopener"> CVE-2022-43985
GHSA: <a href="https://github.com/advisories/GHSA-f9fq-78ch-4wmj" target="_blank" rel="noopener"> GHSA-f9fq-78ch-4wmj
Severity: Medium
Exploit:

In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's /confirm endpoint.