CVE-2024-25142
Summary
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return the "Cache-Control" header for dynamic content, which in the case of some browsers could result in potentially storing sensitive data in the local cache of the browser. This issue affects apache-airflow versions prior to 2.9.2rc1.
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- LOW
- HIGH
- NONE
References
Advisory Timeline
- Published