5 matches found
abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +146 more potentially affected by CVE-2024-25142 via apache-airflow (>=1.8.2 <=2.9.1)
apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.1, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.6.0 and more Source cves: CVE-2024-25142 Source advisory: OSV:GHSA-9XPJ-62MM-24H2...
CVE-2024-25142 vulnerabilities
Vulnerabilities for packages: airflow...
CVE-2024-25142 vulnerabilities
Vulnerabilities for packages: airflow...
CVE-2024-25142
CVE-2024-25142 : The issue is in Apache Airflow where dynamic content did not return the Cache-Control header, potentially allowing browsers to store sensitive data in local cache. Affected version: Airflow prior to 2.9.2. The available connected documents confirm the root cause (missing Cache-Co...
CVE-2024-25142 Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache...