Apache Apache-airflow-providers-amazon — known CVE vulnerabilities
Every CVE whose affected-product data names Apache Apache-airflow-providers-amazon, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-25956 — CVSS 7.5 (high): Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache…
CVE-2026-25604 — CVSS 5.4 (medium): In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual…
CVE-2026-42526 — CVSS 5.3 (medium): In the AWS Secrets Manager and SSM Parameter Store secrets backends of `apache-airflow-providers-amazon` prior to 9.28.0, the team-scoping…