How severe is CVE-2024-32077?

CVE-2024-32077 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2024-32077

Name: airflow
Author: apache

5.4MEDIUM

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which f

Опубликовано: 5/14/2024Обновлено: 3/27/2025

Описание

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue.

ИИ-АнализНа базе ИИ

Затронутые продукты

apacheairflow

2.9.0

apacheairflow

2.9.0

apacheairflow

2.9.0

apacheairflow

2.9.0

apacheairflow

2.9.0

apacheairflow

2.9.0

Ссылки

http://www.openwall.com/lists/oss-security/2024/05/14/1
Mailing ListThird Party Advisory
https://github.com/apache/airflow/pull/38882
Issue TrackingPatch
https://lists.apache.org/thread/gsjmnrqb3m5fzp0vgpty1jxcywo91v77
Mailing ListVendor Advisory
http://www.openwall.com/lists/oss-security/2024/05/14/1
Mailing ListThird Party Advisory
https://github.com/apache/airflow/pull/38882
Issue TrackingPatch
https://lists.apache.org/thread/gsjmnrqb3m5fzp0vgpty1jxcywo91v77
Mailing ListVendor Advisory