Lucene search
K

212 matches found

OSV
OSV
added 2024/06/18 7:17 a.m.18 views

BIT-AIRFLOW-2024-25142 Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache...

5.5CVSS5.2AI score0.00318EPSS
Exploits0References4
OSV
OSV
added 2024/06/14 9:31 a.m.2 views

GHSA-9XPJ-62MM-24H2 Apache Airflow does not return the "Cache-Control" header for dynamic content

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache...

5.5CVSS6AI score0.00318EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2024/06/14 9:31 a.m.22 views

Apache Airflow does not return the "Cache-Control" header for dynamic content

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache...

5.5CVSS6.5AI score0.00318EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2024/06/14 9:15 a.m.6 views

PYSEC-2024-195

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow.Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser.This issue affects Apache...

5.5CVSS6.6AI score0.00318EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2024/06/14 9:15 a.m.26 views

CVE-2024-25142

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache...

5.5CVSS0.00318EPSS
Exploits0References3
OSV
OSV
added 2024/06/14 9:15 a.m.2 views

PYSEC-2024-195

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache...

5.5CVSS6.1AI score0.00318EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/06/14 8:25 a.m.27 views

CVE-2024-25142 Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache...

0.00318EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/14 12:0 a.m.3 views

Apache Airflow Security Vulnerability

Apache Airflow is an open source platform for creating, managing and monitoring workflows from the Apache USA Foundation. The platform is characterized by scalability and dynamic monitoring. A security vulnerability exists in Apache Airflow versions prior to 2.9.2 that stems from Airflow not...

5.5CVSS6.3AI score0.00318EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.3 views

PT-2024-4257 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.9.2 Description: The issue is related to the use of web browser cache containing sensitive information in Apache Airflow. Airflow did not return a "Cache-Control" header for dynamic content, which could resu...

5.5CVSS6.2AI score0.00318EPSS
Exploits0References17
Snyk
Snyk
added 2024/04/08 9:29 a.m.2 views

Use of Web Browser Cache Containing Sensitive Information

Overview mysql2 is a mostly API compatible with mysqljs and supports majority of features. Affected versions of this package are vulnerable to Use of Web Browser Cache Containing Sensitive Information through the keyFromFields function, resulting in cache poisoning. An attacker can inject a colon...

6.5CVSS6.8AI score0.00744EPSS
Exploits1References2
OSV
OSV
added 2024/04/04 10:15 a.m.1 views

DEBIAN-CVE-2024-3262

Information exposure vulnerability in RT software affecting version 4.4.1. This vulnerability allows an attacker with local access to the device to retrieve sensitive information about the application, such as vulnerability tickets, because the application stores the information in the browser...

5.5CVSS5.2AI score0.00285EPSS
Exploits0References1
OSV
OSV
added 2024/04/04 10:15 a.m.1 views

UBUNTU-CVE-2024-3262

Information exposure vulnerability in RT software affecting version 4.4.1. This vulnerability allows an attacker with local access to the device to retrieve sensitive information about the application, such as vulnerability tickets, because the application stores the information in the browser...

5.5CVSS5.8AI score0.00285EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/04/04 9:21 a.m.19 views

CVE-2024-3262 Information exposure vulnerability in Request Tracker (RT)

Information exposure vulnerability in RT software affecting version 4.4.1. This vulnerability allows an attacker with local access to the device to retrieve sensitive information about the application, such as vulnerability tickets, because the application stores the information in the browser...

5.5CVSS5.4AI score0.00285EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/04 9:21 a.m.12 views

CVE-2024-3262 Information exposure vulnerability in Request Tracker (RT)

Information exposure vulnerability in RT software affecting version 4.4.1. This vulnerability allows an attacker with local access to the device to retrieve sensitive information about the application, such as vulnerability tickets, because the application stores the information in the browser...

5.5CVSS6.1AI score0.00285EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/04/04 9:21 a.m.21 views

CVE-2024-3262

Information exposure vulnerability in RT software affecting version 4.4.1. This vulnerability allows an attacker with local access to the device to retrieve sensitive information about the application, such as vulnerability tickets, because the application stores the information in the browser...

5.5CVSS5.1AI score0.00285EPSS
Exploits0
CVE
CVE
added 2024/04/04 9:21 a.m.72 views

CVE-2024-3262

CVE-2024-3262 is an information-exposure vulnerability in Request Tracker (RT) affecting RT 4.x. The issue arises because ticket/application data could be stored in a user’s browser cache, allowing a local attacker with access to the device to retrieve sensitive information even after session ter...

5.5CVSS5.1AI score0.00285EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/04/04 12:0 a.m.13 views

CVE-2024-3262

Information exposure vulnerability in RT software affecting version 4.4.1. This vulnerability allows an attacker with local access to the device to retrieve sensitive information about the application, such as vulnerability tickets, because the application stores the information in the browser...

5.5CVSS5.9AI score0.00285EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.3 views

PT-2024-24728 · Rt +1 · Rt +1

Name of the Vulnerable Software and Affected Versions: RT software version 4.4.1 Description: The issue allows an attacker with local access to the device to retrieve sensitive information about the application, such as vulnerability tickets. This is because the application stores the information...

7.5CVSS5AI score0.01707EPSS
Exploits0References35
FreeBSD
FreeBSD
added 2024/04/04 12:0 a.m.15 views

Request Tracker -- information exposure vulnerability

Request Tracker reports: CVE-2024-3262 describes previously viewed pages being stored in the browser cache, which is the typical default behavior of most browsers to enable the "back" button. Someone who gains access to a host computer could potentially view ticket data using the back button, eve...

5.5CVSS6.9AI score0.00285EPSS
Exploits0References1
Veeam
Veeam
added 2024/03/21 12:0 a.m.37 views

403 Forbidden Message When Accessing Veeam Data Cloud App

Challenge Attempting to load the Veeam Data Cloud app webpage fails with the error: 403 Forbidden Microsoft-Azure-Application-Gateway/v2 Cause The HTTP status code "403 forbidden--you don't have permission to access this resource" is displayed when a web server recognizes a user's request but is...

7AI score
Exploits0
Rows per page
Query Builder