HIGH 7.5
PYSEC-2026-771
Apache Airflow AWS Provider Generates Error Message Containing Sensitive Information
Details
Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache Airflow AWS Provider versions before 7.2.1.
Are you affected?
Enter the version of the package you're using.
Affected packages
PyPI / apache-airflow-providers-amazon
Introduced in:
0 Fixed in: 7.2.1 Fix
pip install --upgrade 'apache-airflow-providers-amazon>=7.2.1' References
- https://nvd.nist.gov/vuln/detail/CVE-2023-25956 [ADVISORY]
- https://github.com/apache/airflow/pull/29587 [WEB]
- https://github.com/apache/airflow [PACKAGE]
- https://lists.apache.org/thread/07pl9y4gdpw2c6rzqm77dvkm2z2kb5gv [WEB]
- https://pypi.org/project/apache-airflow-providers-amazon [PACKAGE]
- https://github.com/advisories/GHSA-w695-p3j5-hrj9 [ADVISORY]