Headline
CVE-2022-40604
In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction.
Email display mode:
Modern rendering
Legacy rendering
Related news
GHSA-5rp4-749p-vx26: Apache Airflow vulnerable to Use of Externally-Controlled Format String
In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction.