8 matches found
CVE-2024-45033
Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...
apache-airflow (=2.9.0b2), apache-airflow-providers-common-compat (>=1.0.0 <=1.6.0b1) potentially affected by CVE-2024-45033 via apache-airflow-providers-fab (>=1.0.2b0 <=1.4.1)
apache-airflow-providers-fab PYPI version =1.0.2b0, =1.0.0, =1.6.0b1 Source cves: CVE-2024-45033 Source advisory: SNYK:PYTHON-APACHEAIRFLOWPROVIDERSFAB-8603622...
apache-airflow (=2.9.0b2), apache-airflow-providers-common-compat (>=1.0.0 <=1.6.0b1) potentially affected by CVE-2024-45033 via apache-airflow-providers-fab (>=1.0.2b0 <=1.4.1)
apache-airflow-providers-fab PYPI version =1.0.2b0, =1.0.0, =1.6.0b1 Source cves: CVE-2024-45033 Source advisory: OSV:GHSA-8863-4QMG-FR45...
CVE-2024-45033
Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...
CVE-2024-45033 vulnerabilities
Vulnerabilities for packages: airflow...
CVE-2024-45033 vulnerabilities
Vulnerabilities for packages: airflow...
CVE-2024-45033 Apache Airflow Fab Provider: Application does not invalidate session after password change via Airflow cli
Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...
CVE-2024-45033
CVE-2024-45033 affects Apache Airflow Fab Provider prior to 1.5.2. The root cause is insufficient session expiration: after a user’s password is changed via the admin CLI, the user’s existing sessions are not cleared, allowing continued access even after password changes. This issue is CLI-specif...