GHSA-6hcw-qqr8-pjj8
Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Lifecycle Timeline
6Blast Radius
ecosystem impact- 8 pypi packages depend on apache-airflow (4 direct, 4 indirect)
Ecosystem-wide dependent count for version 3.2.2.
Description PRE-NVD
AnalysisAI
Open redirect bypass in Apache Airflow 3.0.0 through 3.2.1 allows remote unauthenticated attackers to craft URLs that evade the is_safe_url host check by using triple-slash (///), backslash, or URL-encoded backslash prefixes, redirecting victims to attacker-controlled domains. The flaw stems from a parsing inconsistency between WHATWG URL semantics and Python's urllib. No public exploit has been identified at time of analysis, and EPSS rates exploitation probability at only 0.01% (4th percentile).
Technical ContextAI
Apache Airflow is a widely deployed Python-based workflow orchestration platform; the vulnerable code lives in airflow-core/src/airflow/api_fastapi/core_api/security.py within the FastAPI core API used for the web UI. The root cause is CWE-601 (URL Redirection to Untrusted Site) - the is_safe_url() validator relied on Python's urllib parsing, which treats ///host.com differently than the WHATWG URL standard implemented in browsers, where /// collapses to // and backslashes are normalized to forward slashes. As a result, payloads like ///attacker.com/prefix, \\attacker.com/prefix, or URL-encoded %5C%5C%5C%5Cattacker.com/prefix passed the safety check but were honored as external redirects by browsers. The upstream fix (apache/airflow PR #65557) URL-decodes the target and explicitly rejects strings beginning with //, /\, \/, or \\.
RemediationAI
Vendor-released patch: upgrade to Apache Airflow 3.2.2 or later, which incorporates the fix from apache/airflow PR #65557 (https://github.com/apache/airflow/pull/65557) that decodes and rejects target URLs beginning with //, /\, \/, or \\. Review the vendor announcement at https://lists.apache.org/thread/qmt8ksh7gty6b8hr9w294t94j36jdv1q before deployment. Where immediate upgrade is not possible, restrict access to the Airflow web UI behind a VPN or SSO-protected reverse proxy that enforces a strict allowlist of redirect destinations and strips/normalizes backslashes and multi-slash sequences from next/redirect query parameters before they reach Airflow - note this may break legitimate deep-linking flows that pass encoded URLs. As a user-side mitigation, train operators to inspect URLs before clicking links purporting to come from Airflow notifications.
More in Open Redirect
View allA malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL ca
GFI Kerio Control versions 9.2.5 through 9.4.5 contain an HTTP response splitting vulnerability in the dest parameter of
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect
Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to
Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and earlier for WordPress allows
Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 b
Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (li
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3
Flarum is open source discussion platform software. Rated medium severity (CVSS 6.5), this vulnerability is remotely exp
Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites
Open redirect vulnerability in the Redirect function in stageshow_redirect.php in the StageShow plugin before 5.0.9 for
Nteract v.0.28.0 was discovered to contain a remote code execution (RCE) vulnerability via the Markdown link. Rated crit
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-33597