Lucene search
+L

4 matches found

osv
osv
added 2026/05/19 8:16 p.m.4 views

PYSEC-2026-595

In the AWS Secrets Manager and SSM Parameter Store secrets backends of apache-airflow-providers-amazon prior to 9.28.0, the team-scoping logic could resolve a connid containing a / e.g. "myteam/conn" to the same path as another team's team-scoped secret when the caller had no team context. A...

5.3CVSS5.7AI score0.00413EPSS
Exploits0References4
euvd
euvd
added 2026/05/19 7:17 p.m.15 views

EUVD-2026-30974

In the AWS Secrets Manager and SSM Parameter Store secrets backends of apache-airflow-providers-amazon prior to 9.28.0, the team-scoping logic could resolve a connid containing a / e.g. "myteam/conn" to the same path as another team's team-scoped secret when the caller had no team context. A...

5.3CVSS5.8AI score0.00413EPSS
Exploits0References2
cve
cve
added 2026/05/19 7:17 p.m.25 views

CVE-2026-42526

The CVE-2026-42526 vulnerability affects apache-airflow-providers-amazon backends for AWS Secrets Manager and SSM Parameter Store prior to 9.28.0. The team-scoping logic could resolve a conn_id containing a slash (for example a_team/conn) to the same path as another team’s secret when the caller ...

5.3CVSS5.8AI score0.00413EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2026/05/19 12:0 a.m.13 views

PT-2026-42004

Name of the Vulnerable Software and Affected Versions apache-airflow-providers-amazon versions prior to 9.28.0 Description In the AWS Secrets Manager and SSM Parameter Store secrets backends, the team-scoping logic could resolve a conn id containing a / for example, "my team/conn" to the same pat...

5.3CVSS5.8AI score0.00413EPSS
Exploits0References10
Rows per page
Query Builder