Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2024-25142
HistoryJun 14, 2024 - 9:15 a.m.

CVE-2024-25142

2024-06-1409:15:09
Google
osv.dev
apache airflow
web browser
cache-control
sensitive information
data storage
software update

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow.

Airflow did not return “Cache-Control” header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser.

This issue affects Apache Airflow: before 2.9.2.

Users are recommended to upgrade to version 2.9.2, which fixes the issue.

Related

osv 3
cvelist 1
wolfi 1
nvd 1
vulnrichment 1
veracode 1
cve 1
github 1
osv
osv
CGA-33w6-99cx-72gx
2024-06-19 07:34:05
Apache Airflow does not return the "Cache-Control" header for dynamic content
2024-06-14 09:31:17
BIT-airflow-2024-25142
2024-06-18 07:17:29
cvelist
cvelist
CVE-2024-25142 Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache
2024-06-14 08:25:35
wolfi
wolfi
CVE-2024-25142 vulnerabilities
2024-06-25 15:33:25
nvd
nvd
CVE-2024-25142
2024-06-14 09:15:09
vulnrichment
vulnrichment
CVE-2024-25142 Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache
2024-06-14 08:25:35
veracode
veracode
Sensitive Information Disclosure
2024-06-17 04:21:59
cve
cve
CVE-2024-25142
2024-06-14 09:15:09
github
github
Apache Airflow does not return the "Cache-Control" header for dynamic content
2024-06-14 09:31:17

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for OSV:CVE-2024-25142
osv3cvelist1wolfi1nvd1vulnrichment1veracode1cve1github1