PyPI: sagemaker

CVE-2022-40754

Safety vulnerability ID: SFTY-20220921-86986

Safety legacy ID: pyup.io-51357

Sagemaker 2.111.0 updates its dependency 'apache-airflow' to v2.4.0 to include a security fix.

PyPI

NVD

Created at: Nov 5, 2025Updated at: Nov 5, 2025

Overview

Sagemaker 2.111.0 updates its dependency 'apache-airflow' to v2.4.0 to include a security fix.

Advisory

Sagemaker 2.111.0 updates its dependency 'apache-airflow' to v2.4.0 to include a security fix.

Affected Package

Affecting sagemaker package, versions

<2.111.0

Also affects

---

How to Fix

Upgrade

sagemaker

2.111.0

or higher.

Mitigation and Workarounds

---

Vulnerable Functions

Functions linked to known vulnerabilities.

Vulnerable function data is available for Enterprise customers

Book a call with us to see Safety in action.

References

https://getsafety.com/vulnerabilities/SFTY-20220921-86986/CVE-2022-40754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40754

Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.

Learn more