Lucene search

K
osvGoogleOSV:BIT-AIRFLOW-2024-32077
HistoryMay 24, 2024 - 7:15 a.m.

BIT-airflow-2024-32077

2024-05-2407:15:55
Google
osv.dev
3
apache airflow
vulnerability
malicious data
upgrade

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs.Β Users are recommended to upgrade to version 2.9.1, which fixes this issue.

CPENameOperatorVersion
airflowge2.9.0
airflowlt2.9.1

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

Related for OSV:BIT-AIRFLOW-2024-32077