GHSA-486g-47cc-8wxf: aiocpa contains credential harvesting code

GHSA-93ww-43rr-79v3: Keycloak mTLS Authentication Bypass via Reverse Proxy TLS Termination 

In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction.

**Apache Airflow vulnerable to Use of Externally-Controlled Format String**

High severity GitHub Reviewed Published Sep 22, 2022