Vulnerability Database

296,317

Total vulnerabilities in the database

CVE-2024-32077

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs.  Users are recommended to upgrade to version 2.9.1, which fixes this issue.

CVSS v3:

  • Severity: Unknown
  • Score:
  • AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
Python icon apache-airflow 2.9.0 2.9.0.x
Python icon apache-airflow 2.9.0 2.9.1
apache / airflow 2.9.0 2.9.0.x
apache / airflow 2.9.0-beta1 2.9.0-beta1.x
apache / airflow 2.9.0-beta2 2.9.0-beta2.x
apache / airflow 2.9.0-rc1 2.9.0-rc1.x
apache / airflow 2.9.0-rc2 2.9.0-rc2.x
apache / airflow 2.9.0-rc3 2.9.0-rc3.x