unsanitized input goes to regex function leads to ReDos that make request hangs
Low
Vulnerability Details
Apache Airflow, versions before 2.6.3, has a vulnerability where an authenticated user can use crafted input to make the current request hang
## Impact
this will help attacker achieve Dos attack with less effort
Actions
View on HackerOneReport Stats
- Report ID: 2064723
- State: Closed
- Substate: resolved
- Upvotes: 4