Back to search
CVE-2024-25142
Published: Jun 14, 2024
Modified: Mar 20, 2025
PUBLISHED
Description
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache Airflow: before 2.9.2. Users are recommended to upgrade to version 2.9.2, which fixes the issue.
| Vendor | Product | Versions |
|---|---|---|
Apache Software Foundation | Apache Airflow | affected 0 - < 2.9.2 |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now