Lucene search
HistoryMar 14, 2024 - 9:15 a.m.
CVE-2024-28746
apache airflow
vulnerability
authenticated user
access
2.8.0-2.8.2
upgrade
Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access resources such as variables, connections, etc from the UI which they do not have permission to access.
Users of Apache Airflow are recommended to upgrade to version 2.8.3 or newer to mitigate the risk associated with this vulnerability
Related
cnvd
cnvd
osv
osv
CVE-2024-28746
2024-03-14 09:15:47
BIT-airflow-2024-28746
2024-03-31 18:16:36
Apache Airflow: Ignored Airflow Permission
2024-03-14 09:31:05
vulnrichment
vulnrichment
CVE-2024-28746 Apache Airflow: Ignored Airflow Permissions
2024-03-14 08:41:03
prion
prion
CVE-2024-28746
2024-03-14 22:54:11
cve
cve
CVE-2024-28746
2024-03-14 09:15:47
cvelist
cvelist
CVE-2024-28746 Apache Airflow: Ignored Airflow Permissions
2024-03-14 08:41:03
github
github
Apache Airflow: Ignored Airflow Permission
2024-03-14 09:31:05
veracode
veracode
Authorization Bypass
2024-03-15 19:58:58