HackerOne Bug Bounty Disclosure: cve-apache-airflow-authentication-bypass-when-legacy-openid-is-in-use-as-auth-type-parantheses

Company Name:
Internet Bug Bounty

Company HackerOne URL:
https://hackerone.com/ibb

Submitted By:
parantheses

Link to Submitters Profile:
https://hackerone.com/parantheses

Report Title:
CVE-2024-25128: Apache Airflow: Authentication Bypass when Legacy OpenID(2[.]0) is in use as AUTH_TYPE

Report Link:
https://hackerone.com/reports/2401359

Date Submitted:
28 April 2024

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee

Patreon

To keep up to date follow us on the below channels.

Tags: bug bounty

HackerOne Bug Bounty Disclosure: cve-apache-airflow-authentication-bypass-when-legacy-openid-is-in-use-as-auth-type-parantheses

CISA: CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory Traversal Vulnerabilities

CISA: CISA Releases Three Industrial Control Systems Advisories

CISA: CISA and Partners Release Fact Sheet on Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CERT/CC Reports R Programming Language Vulnerability

You may have missed

CISA: CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory Traversal Vulnerabilities

CISA: CISA Releases Three Industrial Control Systems Advisories

CISA: CISA and Partners Release Fact Sheet on Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CERT/CC Reports R Programming Language Vulnerability