Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:PYSEC-2024-46
HistoryMar 14, 2024 - 9:15 a.m.

PYSEC-2024-46

2024-03-1409:15:00
Google
osv.dev
34
apache airflow
2.8.0
2.8.2
vulnerability
unauthorized access
upgrade
mitigation

AI Score

6.8

Confidence

High

EPSS

0

Percentile

15.5%

JSON

Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access resources such as variables, connections, etc from the UI which they do not have permission to access.

Users of Apache Airflow are recommended to upgrade to version 2.8.3 or newer to mitigate the risk associated with this vulnerability

Related

vulnrichment 1
cnvd 1
osv 3
prion 1
cve 1
nvd 1
cvelist 1
github 1
veracode 1
vulnrichment
vulnrichment
CVE-2024-28746 Apache Airflow: Ignored Airflow Permissions
2024-03-14 08:41:03
cnvd
cnvd
Apache Airflow Information Disclosure Vulnerability Vulnerability (CNVD-2024-13567)
2024-03-18 00:00:00
osv
osv
BIT-airflow-2024-28746
2024-03-31 18:16:36
CVE-2024-28746
2024-03-14 09:15:47
Apache Airflow: Ignored Airflow Permission
2024-03-14 09:31:05
prion
prion
CVE-2024-28746
2024-03-14 22:54:11
cve
cve
CVE-2024-28746
2024-03-14 09:15:47
nvd
nvd
CVE-2024-28746
2024-03-14 09:15:47
cvelist
cvelist
CVE-2024-28746 Apache Airflow: Ignored Airflow Permissions
2024-03-14 08:41:03
github
github
Apache Airflow: Ignored Airflow Permission
2024-03-14 09:31:05
veracode
veracode
Authorization Bypass
2024-03-15 19:58:58

AI Score

6.8

Confidence

High

EPSS

0

Percentile

15.5%

JSON
Related for OSV:PYSEC-2024-46
vulnrichment1cnvd1osv3prion1cve1nvd1cvelist1github1veracode1