3 matches found
CVE-2024-27906
creationtimestamp| type| source ---|---|--- 2024-02-29 12:32:01+00:00| seen| https://t.me/ctinow/196569 2024-02-29 12:32:15+00:00| seen| https://t.me/ctinow/196577 2025-05-06 13:20:51+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15102...
abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +142 more potentially affected by CVE-2024-27906 via apache-airflow (>=1.8.2 <=2.8.1)
apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.1, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.1.1, =1.10.6 and more Source cves: CVE-2024-27906 Source advisory: OSV:GHSA-6V6W-H8M6-7MV2...
CVE-2024-27906
CVE-2024-27906 affects Apache Airflow versions before 2.8.2. The published docs describe a vulnerability where authenticated users can view DAG code and import errors for DAGs they should not be allowed to view via the API and the UI. The primary impact is information disclosure of DAG contents a...