admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-30 18:21:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-287xx/CVE-2024-28746.json

36 lines
1.1 KiB
JSON
Raw Normal View History

Auto-Update: 2024-03-14T11:00:43.303062+00:00
2024-03-14 11:03:31 +00:00
{
"id": "CVE-2024-28746",
"sourceIdentifier": "security@apache.org",
"published": "2024-03-14T09:15:47.577",
Auto-Update: 2024-03-14T13:00:40.736016+00:00
2024-03-14 13:03:29 +00:00
"lastModified": "2024-03-14T12:52:09.877",
"vulnStatus": "Awaiting Analysis",
Auto-Update: 2024-03-14T11:00:43.303062+00:00
2024-03-14 11:03:31 +00:00
"descriptions": [
{
"lang": "en",
"value": "Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access resources such as variables, connections, etc from the UI which they do not have permission to access.\u00a0\n\nUsers of Apache Airflow are recommended to upgrade to version 2.8.3 or newer to mitigate the risk associated with this vulnerability\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-281"
}
]
}
],
"references": [
{
"url": "https://github.com/apache/airflow/pull/37881",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/b4pffc7w7do6qgk4jjbyxvdz5odrvny7",
"source": "security@apache.org"
}
]
}
Reference in New Issue Copy Permalink