At Marco's request, I am asking MITRE to either revoke CVE-2024-37408 or for
MITRE to transfer CVE ownership to Canonical's CNA for revocation.
On Thu, Jun 13, 2024 at 06:40:51PM +0200, Marco Trevisan wrote:
> Hi Yaron,
>
> Thanks for taking time to look into this issue.
>
> We appreciate the
Hi Yaron,
Thanks for taking time to look into this issue.
We appreciate the analysis you did, although, as we already shared
privately, we don't think that this is a fprintd issue but rather an
architectural issue of how PAM modules interact with sudo that, by
design, does not permit an
Severity: low
Affected versions:
- Apache Airflow before 2.9.2
Description:
Use of Web Browser Cache Containing Sensitive Information vulnerability in
Apache Airflow.
Airflow did not return "Cache-Control" header for dynamic content, which in
case of some browsers could result in