CVE-2024-45498 | Apache Airflow 2.10.0 DAG Trigger Permission command injection

Posted by Angelo Barbosa | Sep 6, 2024 | CVE

A vulnerability has been found in Apache Airflow 2.10.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component DAG Trigger Permission Handler. The manipulation leads to command injection.

This vulnerability is known as CVE-2024-45498. The attack needs to be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45498 | Apache Airflow 2.10.0 DAG Trigger Permission command injection

Related Posts

CVE-2024-6272 | SpiderContacts Plugin up to 1.1.7 on WordPress cross site scripting

CVE-2023-52269 | MDaemon Security Gateway up to 9.0.3 Message Content Filtering Rule cross site scripting

CVE-2024-27409 | Linux Kernel up to 6.6.20/6.7.8 dmaengine race condition (227ef58a9b0c/17be6f5cb223/712a92a48158)

CVE-2023-6511 | Google Chrome prior 120.0.6099.62 Autofill information disclosure