CVE-2024-25142

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-25142
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow.  Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache Airflow: before 2.9.2. Users are recommended to upgrade to version 2.9.2, which fixes the issue.
CVSS

No CVSS.

References
Link Resource
https://github.com/apache/airflow/pull/39550
https://lists.apache.org/thread/cg1j28lk0fhzthk0of1g7vy7p2n1j7nr
Configurations

No configuration.

History

17 Jun 2024, 12:42

Type Values Removed Values Added
Summary
  • (es) Uso de la vulnerabilidad de caché del navegador web que contiene información confidencial en Apache Airflow. Airflow no devolvió el encabezado "Cache-Control" para contenido dinámico, lo que en el caso de algunos navegadores podría resultar en el almacenamiento de datos confidenciales en la caché local del navegador. Este problema afecta a Apache Airflow: antes de 2.9.2. Se recomienda a los usuarios actualizar a la versión 2.9.2, que soluciona el problema.

14 Jun 2024, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-06-14 09:15

Updated : 2024-06-17 12:42

NVD link : CVE-2024-25142

Mitre link : CVE-2024-25142

CVE.ORG link : CVE-2024-25142

JSON object : View

Products Affected

No product.

CWE
CWE-525

Use of Web Browser Cache Containing Sensitive Information


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024