Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-9XPJ-62MM-24H2
HistoryJun 14, 2024 - 9:31 a.m.

Apache Airflow does not return the "Cache-Control" header for dynamic content

2024-06-1409:31:17
Google
osv.dev
5
apache airflow
dynamic content
cache-control
browser cache
vulnerability
sensitive data
upgrade
fix.

AI Score

6.2

Confidence

High

EPSS

0

Percentile

9.0%

JSON

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow.

Airflow did not return “Cache-Control” header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser.

This issue affects Apache Airflow: before 2.9.2.

Users are recommended to upgrade to version 2.9.2, which fixes the issue.

Related

osv 3
cvelist 1
wolfi 1
github 1
nvd 1
vulnrichment 1
cve 1
veracode 1
osv
osv
CVE-2024-25142
2024-06-14 09:15:09
CGA-33w6-99cx-72gx
2024-06-19 07:34:05
BIT-airflow-2024-25142
2024-06-18 07:17:29
cvelist
cvelist
CVE-2024-25142 Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache
2024-06-14 08:25:35
wolfi
wolfi
CVE-2024-25142 vulnerabilities
2024-09-27 21:56:47
github
github
Apache Airflow does not return the "Cache-Control" header for dynamic content
2024-06-14 09:31:17
nvd
nvd
CVE-2024-25142
2024-06-14 09:15:09
vulnrichment
vulnrichment
CVE-2024-25142 Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache
2024-06-14 08:25:35
cve
cve
CVE-2024-25142
2024-06-14 09:15:09
veracode
veracode
Sensitive Information Disclosure
2024-06-17 04:21:59

AI Score

6.2

Confidence

High

EPSS

0

Percentile

9.0%

JSON
Related for OSV:GHSA-9XPJ-62MM-24H2
osv3cvelist1wolfi1github1nvd1vulnrichment1cve1veracode1