CVE-2023-25956: Generation of Error Message Containing Sensitive Information

February 24, 2023

Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache Airflow AWS Provider versions before 7.2.1.

References

github.com/advisories/GHSA-w695-p3j5-hrj9
github.com/apache/airflow/pull/29587
lists.apache.org/thread/07pl9y4gdpw2c6rzqm77dvkm2z2kb5gv
nvd.nist.gov/vuln/detail/CVE-2023-25956

Detect and mitigate CVE-2023-25956 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →