Preços Enterprise

CVE-2024-32077

5.4MEDIUM

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which f

Publicado: 5/14/2024Atualizado: 3/27/2025

Ver no NVD Ver no MITRE

Descrição

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue.

Análise IADesenvolvido por IA

Produtos Afetados

apacheairflow

2.9.0

apacheairflow

2.9.0

apacheairflow

2.9.0

apacheairflow

2.9.0

apacheairflow

2.9.0

apacheairflow

2.9.0

Referências

http://www.openwall.com/lists/oss-security/2024/05/14/1
Mailing ListThird Party Advisory
https://github.com/apache/airflow/pull/38882
Issue TrackingPatch
https://lists.apache.org/thread/gsjmnrqb3m5fzp0vgpty1jxcywo91v77
Mailing ListVendor Advisory
http://www.openwall.com/lists/oss-security/2024/05/14/1
Mailing ListThird Party Advisory
https://github.com/apache/airflow/pull/38882
Issue TrackingPatch
https://lists.apache.org/thread/gsjmnrqb3m5fzp0vgpty1jxcywo91v77
Mailing ListVendor Advisory