PYSEC-2024-195
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/apache-airflow/PYSEC-2024-195.yaml
- JSON Data
- https://api.test.osv.dev/v1/vulns/PYSEC-2024-195
- Aliases
- Published
- 2024-06-14T09:15:09Z
- Modified
- 2025-01-19T16:56:46.007028Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow.
Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser.
This issue affects Apache Airflow: before 2.9.2.
Users are recommended to upgrade to version 2.9.2, which fixes the issue.
- References
Affected packages
PyPI / apache-airflow
Package
- Name
- apache-airflow
- View open source insights on deps.dev
- Purl
- pkg:pypi/apache-airflow
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.2
Affected versions
1.*
1.8.1
1.8.2rc1
1.8.2
1.9.0
1.10.0
1.10.1b1
1.10.1rc2
1.10.1
1.10.2b2
1.10.2rc1
1.10.2rc2
1.10.2rc3
1.10.2
1.10.3b1
1.10.3b2
1.10.3rc1
1.10.3rc2
1.10.3
1.10.4b2
1.10.4rc1
1.10.4rc2
1.10.4rc3
1.10.4rc4
1.10.4rc5
1.10.4
1.10.5rc1
1.10.5
1.10.6rc1
1.10.6rc2
1.10.6
1.10.7rc1
1.10.7rc2
1.10.7rc3
1.10.7
1.10.8rc1
1.10.8
1.10.9rc1
1.10.9
1.10.10rc1
1.10.10rc2
1.10.10rc3
1.10.10rc4
1.10.10rc5
1.10.10
1.10.11rc1
1.10.11rc2
1.10.11
1.10.12rc1
1.10.12rc2
1.10.12rc3
1.10.12rc4
1.10.12
1.10.13rc1
1.10.13
1.10.14rc1
1.10.14rc2
1.10.14rc3
1.10.14rc4
1.10.14
1.10.15rc1
1.10.15
2.*
2.0.0b1
2.0.0b2
2.0.0b3
2.0.0rc1
2.0.0rc2
2.0.0rc3
2.0.0
2.0.1rc1
2.0.1rc2
2.0.1
2.0.2rc1
2.0.2
2.1.0rc1
2.1.0rc2
2.1.0
2.1.1rc1
2.1.1
2.1.2rc1
2.1.2
2.1.3rc1
2.1.3
2.1.4rc1
2.1.4rc2
2.1.4
2.2.0b1
2.2.0b2
2.2.0rc1
2.2.0
2.2.1rc1
2.2.1rc2
2.2.1
2.2.2rc1
2.2.2rc2
2.2.2
2.2.3rc1
2.2.3rc2
2.2.3
2.2.4rc1
2.2.4
2.2.5rc1
2.2.5rc2
2.2.5rc3
2.2.5
2.3.0b1
2.3.0rc1
2.3.0rc2
2.3.0
2.3.1rc1
2.3.1
2.3.2rc1
2.3.2rc2
2.3.2
2.3.3rc1
2.3.3rc2
2.3.3rc3
2.3.3
2.3.4rc1
2.3.4
2.4.0b1
2.4.0rc1
2.4.0
2.4.1rc1
2.4.1
2.4.2rc1
2.4.2
2.4.3rc1
2.4.3
2.5.0rc1
2.5.0rc2
2.5.0rc3
2.5.0
2.5.1rc1
2.5.1rc2
2.5.1
2.5.2rc1
2.5.2rc2
2.5.2
2.5.3rc1
2.5.3rc2
2.5.3
2.6.0b1
2.6.0rc1
2.6.0rc2
2.6.0rc3
2.6.0rc4
2.6.0rc5
2.6.0
2.6.1rc1
2.6.1rc2
2.6.1rc3
2.6.1
2.6.2rc1
2.6.2rc2
2.6.2
2.6.3rc1
2.6.3
2.7.0b1
2.7.0rc1
2.7.0rc2
2.7.0
2.7.1rc1
2.7.1rc2
2.7.1
2.7.2rc1
2.7.2
2.7.3rc1
2.7.3
2.8.0b1
2.8.0rc1
2.8.0rc2
2.8.0rc3
2.8.0rc4
2.8.0
2.8.1rc1
2.8.1
2.8.2rc1
2.8.2rc2
2.8.2rc3
2.8.2
2.8.3rc1
2.8.3
2.8.4rc1
2.8.4
2.9.0b1
2.9.0b2
2.9.0rc1
2.9.0rc2
2.9.0rc3
2.9.0
2.9.1rc1
2.9.1rc2
2.9.1
2.9.2rc1