2 matches found
CVE-2026-42358 Apache Airflow: Variable masker depth-limit bypass returns cleartext nested secrets
A bug in Apache Airflow's Variable response masker caused nested-key redaction triggered by secret-suffixed key names like password, token, secret, apikey to be bypassed when the JSON value's nesting depth exceeded the shared secrets masker's recursion limit: the masker returned the original nest...
CVE-2026-42358
creationtimestamp| type| source ---|---|--- 2026-05-31 13:32:31+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mn5oi3cac32a...