CVE-2022-40604

Опубликовано: 21 сент. 2022

Источник: debian

Описание

In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction.

Пакет	Статус	Версия исправления	Релиз	Тип
airflow	itp			package

CVE-2022-40604

CVSS3: 7.5

nvd

больше 3 лет назад

In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction.

GHSA-5rp4-749p-vx26

CVSS3: 7.5

github

больше 3 лет назад

Apache Airflow vulnerable to Use of Externally-Controlled Format String