High severityNVD Advisory· Published Feb 24, 2023· Updated Oct 23, 2024
Apache Airflow AWS Provider: Arbitrary file read via AWS provider
CVE-2023-25956
Description
Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider.
This issue affects Apache Airflow AWS Provider versions before 7.2.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
apache-airflow-providers-amazonPyPI | < 7.2.1 | 7.2.1 |
Affected products
2- Range: 0
Patches
Vulnerability mechanics
References
4- github.com/apache/airflow/pull/29587ghsapatchWEB
- github.com/advisories/GHSA-w695-p3j5-hrj9ghsaADVISORY
- lists.apache.org/thread/07pl9y4gdpw2c6rzqm77dvkm2z2kb5gvghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2023-25956ghsaADVISORY
News mentions
0No linked articles in our index yet.