Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 23 Feb 2023 17:48:43 +0000
From: Jarek Potiuk <>
Subject: CVE-2023-25956: Apache Airflow AWS Provider: Arbitrary file read
 via AWS provider 

Severity: moderate


Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider.

This issue affects Apache Airflow AWS Provider versions before 7.2.1.


Son Tran from VNPT - VCI (finder)


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.