16Tem
CVE-2024-39877 | Apache Airflow up to 2.9.2 Scheduler doc_md Privilege Escalation
A vulnerability was found in Apache Airflow up to 2.9.2. It has been classified as critical. Affected is an unknown function of the component Scheduler. The manipulation of the argument doc_md leads to Privilege Escalation. This vulnerability is traded as CVE-2024-39877. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.