CVE-2024-8183

Name of the Vulnerable Software and Affected Versions prefecthq/prefect version 2.20.2

Description A CORS (Cross-Origin Resource Sharing) misconfiguration allows unauthorized domains to access sensitive data, potentially leading to unauthorized access to the database. This can result in data leaks, loss of confidentiality, service disruption, and data integrity risks.

Recommendations For prefecthq/prefect version 2.20.2, update to a version that fixes the CORS misconfiguration to prevent unauthorized access to sensitive data. As a temporary workaround, consider restricting access to sensitive data until a patch is available.