You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@airflow.apache.org by Kaxil Naik <ka...@apache.org> on 2020/12/11 15:51:52 UTC
CVE-2020-17513: Apache Airflow Server-Side Request Forgery (SSRF) in
Charts & Query View
Versions Affected: < 1.10.13
Description:
The Charts and Query View of the old (Flask-admin based) UI were vulnerable
for SSRF attack.
Thanks,
Kaxil,
on behalf of Apache Airflow PMC