Skip to main content

CVE-2024-25142

Severity Medium
Score 5.5/10

Summary

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return the "Cache-Control" header for dynamic content, which in the case of some browsers could result in potentially storing sensitive data in the local cache of the browser. This issue affects apache-airflow versions prior to 2.9.2rc1.

  • LOW
  • LOCAL
  • NONE
  • UNCHANGED
  • NONE
  • LOW
  • HIGH
  • NONE

Advisory Timeline

  • Published