Description


In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction.

Related CPE's


Vulnerable

Weaknesses



CWE-134


CWE-134

CVSS impact metrics


CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2022-09-21T08:15:08.910

2 years ago

Last modified

2022-09-22T15:43:33.970

2 years ago