CVE-2024-8183

Source
https://cve.org/CVERecord?id=CVE-2024-8183
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-8183.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-8183
Aliases
Downstream
Published
2025-03-20T10:11:10.708Z
Modified
2026-07-08T06:27:44.161793376Z
Severity
  • 7.6 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L CVSS Calculator
Summary
CORS Misconfiguration in prefecthq/prefect
Details

A CORS (Cross-Origin Resource Sharing) misconfiguration in prefecthq/prefect version 2.20.2 allows unauthorized domains to access sensitive data. This vulnerability can lead to unauthorized access to the database, resulting in potential data leaks, loss of confidentiality, service disruption, and data integrity risks.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/8xxx/CVE-2024-8183.json",
    "cwe_ids": [
        "CWE-346"
    ],
    "cna_assigner": "@huntr_ai"
}
References

Affected packages

Git / github.com/prefecthq/prefect

Affected ranges

Type
GIT
Repo
https://github.com/prefecthq/prefect
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.0.3"
        }
    ]
}

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-8183.json"