CVE-2024-39877 | Apache Airflow up to 2.9.2 Scheduler doc_md Privilege Escalation

Posted by Angelo Barbosa | Jul 16, 2024 | CVE

A vulnerability was found in Apache Airflow up to 2.9.2. It has been classified as critical. Affected is an unknown function of the component Scheduler. The manipulation of the argument doc_md leads to Privilege Escalation.

This vulnerability is traded as CVE-2024-39877. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-39877 | Apache Airflow up to 2.9.2 Scheduler doc_md Privilege Escalation

Related Posts

CVE-2024-8828 | PDF-XChange Editor EMF File Parser out-of-bounds (ZDI-24-1251)

CVE-2023-3741 | NEC DT900/DT900S os command injection

CVE-2024-7413 | Obfuscate Email Plugin up to 3.8.1 on WordPress information disclosure

CVE-2024-25381 | Emlog Pro 2.2.8 Article Publishing cross site scripting