Lucene search
GoogleOSV:BIT-AIRFLOW-2024-28746HistoryMar 31, 2024 - 6:16 p.m.
BIT-airflow-2024-28746
2024-03-3118:16:36
Google
osv.dev
7
apache airflow
vulnerability
versions 2.8.0
2.8.2
authenticated user
limited permissions
ui
resources
upgrade
Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access resources such as variables, connections, etc from the UI which they do not have permission to access.Β Users of Apache Airflow are recommended to upgrade to version 2.8.3 or newer to mitigate the risk associated with this vulnerability
Related
vulnrichment
vulnrichment
CVE-2024-28746 Apache Airflow: Ignored Airflow Permissions
2024-03-14 08:41:03
cnvd
cnvd
osv
osv
CVE-2024-28746
2024-03-14 09:15:47
Apache Airflow: Ignored Airflow Permission
2024-03-14 09:31:05
PYSEC-2024-46
2024-03-14 09:15:00
prion
prion
CVE-2024-28746
2024-03-14 22:54:11
cve
cve
CVE-2024-28746
2024-03-14 09:15:47
nvd
nvd
CVE-2024-28746
2024-03-14 09:15:47
cvelist
cvelist
CVE-2024-28746 Apache Airflow: Ignored Airflow Permissions
2024-03-14 08:41:03
github
github
Apache Airflow: Ignored Airflow Permission
2024-03-14 09:31:05
veracode
veracode
Authorization Bypass
2024-03-15 19:58:58