Lucene search
GoogleOSV:CVE-2024-39863HistoryJul 17, 2024 - 8:15 a.m.
CVE-2024-39863
2024-07-1708:15:01
Google
osv.dev
3
apache airflow
vulnerability
upgrade
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
27.3%
Apache Airflow versions before 2.9.3 have a vulnerability that allows an authenticated attacker to inject a malicious link when installing a provider. Users are recommended to upgrade to version 2.9.3, which fixes this issue.
Related
osv
osv
CGA-45cj-mqr9-6j37
2024-07-18 18:19:42
BIT-airflow-2024-39863
2024-07-19 07:16:29
Apache Airflow Potential Cross-site Scripting Vulnerability
2024-07-17 09:30:48
vulnrichment
vulnrichment
CVE-2024-39863 Apache Airflow: Potential XSS Vulnerability
2024-07-17 07:53:31
wolfi
wolfi
CVE-2024-39863 vulnerabilities
2024-09-19 21:18:36
github
github
Apache Airflow Potential Cross-site Scripting Vulnerability
2024-07-17 09:30:48
nvd
nvd
CVE-2024-39863
2024-07-17 08:15:01
cvelist
cvelist
CVE-2024-39863 Apache Airflow: Potential XSS Vulnerability
2024-07-17 07:53:31
veracode
veracode
Link Injection
2024-07-18 06:17:21
cve
cve
CVE-2024-39863
2024-07-17 08:15:01
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
27.3%
Related for OSV:CVE-2024-39863