CVE-2023-25956

CVE-2023-25956: Apache Airflow AWS Provider: Arbitrary file read via AWS provider

Vendor Apache Software Foundation

Product Apache Airflow AWS Provider

Weakness CWE-209 · Error message info leak

Published February 24, 2023

Last update October 23, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache Airflow AWS Provider versions before 7.2.1.

Key dates

Disclosure timeline

February 24, 2023 CVE published

October 23, 2024 Record updated