CVE-2023-25956

CVE-2023-25956: Apache Airflow AWS Provider: Arbitrary file read via AWS provider

Vendor Apache Software Foundation
Product Apache Airflow AWS Provider
Weakness CWE-209 · Error message info leak
Published February 24, 2023
Last update October 23, 2024

CVSS base score

What the vulnerability does

Description

Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache Airflow AWS Provider versions before 7.2.1.

Key dates

Disclosure timeline

February 24, 2023 CVE published
October 23, 2024 Record updated