Apache Airflow has patched two separate credential-exposure vulnerabilities in versions before 3.1.6.
The flaws could allow attackers to extract sensitive authentication data embedded in proxy configurations and templated workflow fields through log files and the web UI, potentially compromising network infrastructure and sensitive data pipelines.
The first vulnerability affects Apache Airflow versions before 3.1.6 and stems from improper handling of proxy URLs in Connection objects.
| Aspect | CVE-2025-68675 | CVE-2025-68438 |
|---|---|---|
| Affected Versions | Apache Airflow < 3.1.6 | Apache Airflow 3.1.0–3.1.6 |
| Severity | Low | Low |
| Exposed Data | Proxy credentials | API keys, tokens, secrets |
| Component | Connection proxy fields | Rendered Templates UI |
| Fixed Version | 3.1.6 | 3.1.6 |
Proxy configurations often embed authentication credentials directly in the URL, in the form `http://<username>:<password>@<proxy-host>:8080`.
These fields were not designated as sensitive, so proxy credentials were logged in cleartext whenever connections were rendered or displayed.
In Airflow’s logging infrastructure, when users view connection details, troubleshoot pipeline issues, or access audit logs, the proxy credentials become visible to anyone with log access.
This is particularly dangerous in shared environments where multiple teams access Airflow instances, as adversaries or disgruntled insiders could extract these credentials and use them to intercept network traffic or pivot through proxy infrastructure.
The second vulnerability affects Airflow 3.1.0 through 3.1.6 and involves improper masking of secrets in the Rendered Templates UI.
Rendered template values are serialized and then truncated for display; however, the serialization step used a secrets masker instance that did not recognize user-registered mask_secret() patterns, so sensitive values appeared unmasked before truncation.
This flaw allows attackers with web UI access to view sensitive data such as API keys, database credentials, and tokens in rendered templates.
Because truncation happens after serialization rather than before, the masking layer fails and any secret outside the truncated portion is exposed in its entirety.
Both vulnerabilities require either direct access to log files or authentication to the Airflow web interface, which moderates their severity rating.
However, in cloud environments, logs are often aggregated and accessible across teams, and web interface access may be broadly granted.
Apache has patched both issues in version 3.1.6. Organizations should prioritize upgrading immediately, as these flaws directly compromise authentication secrets.
Additionally, administrators should review log retention policies and implement secret redaction rules in centralized logging systems to prevent accidental credential exposure.
For temporary mitigation, organizations can restrict access to Airflow logs and the web UI, implement IP allowlisting, and rotate any credentials that may have been exposed.
Security teams should audit recent logs for suspicious authentication attempts or unauthorized proxy access.
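The log-side redaction the mitigation above calls for, as an added example that is not Airflow's own secrets masker: `register_secret` is a hypothetical stand-in for values registered via mask_secret(), the log lines are constructed, and `render_for_ui` shows the mask-then-truncate ordering the second flaw got wrong.

```python
import re
from urllib.parse import urlsplit, urlunsplit

# Hypothetical registry of secret values (stands in for mask_secret()).
_REGISTERED_SECRETS: set[str] = set()

def register_secret(value: str) -> None:
    """Record a sensitive value so redact() masks it wherever it appears."""
    if value and len(value) >= 4:  # skip values too short to mask safely
        _REGISTERED_SECRETS.add(value)

# Matches a scheme://... token; trailing punctuation is peeled off below.
_URL_RE = re.compile(r"[A-Za-z][A-Za-z0-9+.-]*://[^\s'<>\"]+")

def _mask_url(match: re.Match) -> str:
    """Replace the userinfo part (user:password@) of a URL with ***."""
    url, trail = match.group(0), ""
    while url and url[-1] in ".,;)":  # punctuation that ended the sentence
        trail, url = url[-1] + trail, url[:-1]
    parts = urlsplit(url)
    if "@" not in parts.netloc:
        return url + trail
    host = parts.netloc.rsplit("@", 1)[1]
    return urlunsplit(parts._replace(netloc=f"***@{host}")) + trail

def redact(text: str) -> str:
    """Mask embedded proxy credentials and registered secrets in one line."""
    text = _URL_RE.sub(_mask_url, text)
    # Longest secrets first so a short secret never splits a longer one.
    for secret in sorted(_REGISTERED_SECRETS, key=len, reverse=True):
        text = text.replace(secret, "***")
    return text

def render_for_ui(value: str, max_len: int = 40) -> str:
    """Mask first, then truncate: truncating first can leave a secret intact."""
    masked = redact(value)
    return masked if len(masked) <= max_len else masked[:max_len] + "..."

# Constructed sample log lines, not real Airflow output.
SAMPLE_LOGS = [
    "Connection proxy set to http://svc-user:Hunter2Pass@proxy.internal:8080.",
    "Rendered field api_key=sk-constructed-token-12345 for dag extract_users",
]

if __name__ == "__main__":
    register_secret("sk-constructed-token-12345")
    for line in SAMPLE_LOGS:
        print(redact(line))
```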
The vulnerabilities were discovered by lwlkr and William Ashe, with remediations developed by Ankit Chaurasia and Amogh Desai, respectively.
Users relying on Airflow for data pipeline orchestration should treat this upgrade as critical to protect workflow infrastructure and downstream systems.