Lucene search
+L

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:8 a.m.7 views

CVE-2024-45033

Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...

8.1CVSS8AI score0.01366EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/01/08 9:44 a.m.9 views

apache-airflow (=2.9.0b2), apache-airflow-providers-common-compat (>=1.0.0 <=1.6.0b1) potentially affected by CVE-2024-45033 via apache-airflow-providers-fab (>=1.0.2b0 <=1.4.1)

apache-airflow-providers-fab PYPI version =1.0.2b0, =1.0.0, =1.6.0b1 Source cves: CVE-2024-45033 Source advisory: SNYK:PYTHON-APACHEAIRFLOWPROVIDERSFAB-8603622...

8.1CVSS5.8AI score0.00936EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/01/08 9:30 a.m.6 views

apache-airflow (=2.9.0b2), apache-airflow-providers-common-compat (>=1.0.0 <=1.6.0b1) potentially affected by CVE-2024-45033 via apache-airflow-providers-fab (>=1.0.2b0 <=1.4.1)

apache-airflow-providers-fab PYPI version =1.0.2b0, =1.0.0, =1.6.0b1 Source cves: CVE-2024-45033 Source advisory: OSV:GHSA-8863-4QMG-FR45...

8.1CVSS5.8AI score0.00936EPSS
Exploits0
NVD
NVD
added 2025/01/08 9:15 a.m.20 views

CVE-2024-45033

Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...

8.1CVSS0.00936EPSS
Exploits0References2
Chainguard
Chainguard
added 2025/01/08 9:15 a.m.13 views

CVE-2024-45033 vulnerabilities

Vulnerabilities for packages: airflow...

8.1CVSS8.2AI score0.00936EPSS
Exploits0
Wolfi
Wolfi
added 2025/01/08 9:15 a.m.69 views

CVE-2024-45033 vulnerabilities

Vulnerabilities for packages: airflow...

8.1CVSS7.2AI score0.00936EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/01/08 8:41 a.m.12 views

CVE-2024-45033 Apache Airflow Fab Provider: Application does not invalidate session after password change via Airflow cli

Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...

6.8AI score0.00936EPSS
Exploits0References2
CVE
CVE
added 2025/01/08 8:41 a.m.355 views

CVE-2024-45033

CVE-2024-45033 affects Apache Airflow Fab Provider prior to 1.5.2. The root cause is insufficient session expiration: after a user’s password is changed via the admin CLI, the user’s existing sessions are not cleared, allowing continued access even after password changes. This issue is CLI-specif...

8.1CVSS6.4AI score0.00936EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder