=====================================================================

                                CERT-Renater

                     Note d'Information No. 2022/VULN338

_____________________________________________________________________

DATE                : 21/09/2022

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Apache Airflow versions prior
                                   to 2.3.0 up to 2.3.4.

=====================================================================
https://lists.apache.org/thread/z20x8m16fnhxdkoollv53w1ybsts687t
https://lists.apache.org/thread/cn098dcp5x3c402xrb06p3l7nz5goffm
_____________________________________________________________________

CVE-2022-40604: Apache Airflow: Format String Vulnerability

Description:

In Apache Airflow 2.3.0 through 2.3.4, part of a url was
unnecessarily formatted, allowing for possible information extraction.

Credit:

The Apache Airflow PMC would like to thank L3yx of Syclover Security
Team for reporting this issue.

References:

https://github.com/apache/airflow/pull/26337

_____________________________________________________________________

CVE-2022-40754: Apache Airflow: Open Redirect
Description:

In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect
in the webserver's `/confirm` endpoint.

Credit:

The Apache Airflow PMC would like to thank Konstantin Weddige
(Lutra Security) for reporting this issue.

References:

https://github.com/apache/airflow/pull/26409


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================