Security
Headlines

Headlines Latest CVEs

Headline

GHSA-4fg5-j4mm-wfpg: Apache Airflow vulnerable to open redirect

In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver’s /confirm endpoint.

2 years ago

#web #apache #git

Apache Airflow vulnerable to open redirect

Moderate severity GitHub Reviewed Published Sep 22, 2022 • Updated Sep 22, 2022

Related news

CVE-2022-40754: Fix UI redirect by jedcunningham · Pull Request #26409 · apache/airflow

In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's `/confirm` endpoint.

2 years ago

#web #apache #auth

ghsa: Latest News

GHSA-486g-47cc-8wxf: aiocpa contains credential harvesting code

17 hours ago

GHSA-93ww-43rr-79v3: Keycloak mTLS Authentication Bypass via Reverse Proxy TLS Termination

20 hours ago

GHSA-jgwc-jh89-rpgq: Keycloak proxy header handling Denial-of-Service (DoS) vulnerability

20 hours ago

GHSA-xg58-75qf-9r67: Cilium's Layer 7 policy enforcement may not occur in policies with wildcarded port ranges

20 hours ago

GHSA-qqwr-j9mm-fhw6: deno_doc's HTML generator vulnerable to Cross-site Scripting

20 hours ago