CVE-2022-41672 – Session still functional after user is deactivated
https://notcve.org/view.php?id=CVE-2022-41672
In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn't prevent an already authenticated user from being able to continue using the UI or API. • https://github.com/apache/airflow/pull/26635 https://lists.apache.org/thread/ohf3pvd3dftb8zb01yngbn1jtkq5m08y • CWE-613: Insufficient Session Expiration
CVE-2022-40754 – Open Redirect
https://notcve.org/view.php?id=CVE-2022-40754
In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's `/confirm` endpoint. • https://github.com/apache/airflow/pull/26409 https://lists.apache.org/thread/cn098dcp5x3c402xrb06p3l7nz5goffm • CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CVE-2022-40604 – Format String Vulnerability
https://notcve.org/view.php?id=CVE-2022-40604
In Apache Airflow 2.3.0 through 2.3.4, part of a URL was unnecessarily formatted, allowing for possible information extraction. • https://github.com/apache/airflow/pull/26337 https://lists.apache.org/thread/z20x8m16fnhxdkoollv53w1ybsts687t • CWE-134: Use of Externally-Controlled Format String
CVE-2022-38054 – Session Fixation
https://notcve.org/view.php?id=CVE-2022-38054
In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend was susceptible to session fixation. • http://www.openwall.com/lists/oss-security/2022/09/02/1 https://lists.apache.org/thread/rsd3h89xdp16rg0ltovx3m7q3ypkxsbb • CWE-384: Session Fixation
CVE-2022-38170 – Overly permissive umask for daemons
https://notcve.org/view.php?id=CVE-2022-38170
In Apache Airflow prior to 2.3.4, an insecure umask was configured for numerous Airflow components when running with the `--daemon` flag, which could result in a race condition giving world-writable files in the Airflow home directory and allowing local users to expose arbitrary file contents via the webserver. • http://www.openwall.com/lists/oss-security/2022/09/02/12 http://www.openwall.com/lists/oss-security/2022/09/02/3 http://www.openwall.com/lists/oss-security/2022/09/21/2 https://lists.apache.org/thread/zn8mbbb1j2od5nc9zhrvb7rpsrg1vvzv • CWE-732: Incorrect Permission Assignment for Critical Resource