Secrets not masked in UI when sensitive variables are set via Airflow cli

Disclosed: 2024-12-30 14:31:29 By saurabhb To ibb
Low
Vulnerability Details
When a sensitive variable is set using Airflow cli, it should be masked on every instance where it is referenced in the UI. However, it has been observed that it is masked on the Variable List page and other pages but not on the Audit logs page.

Allocated CVE: CVE-2024-50378

Apache Airflow release notes that confirm the fix in the latest release, 2.10.3: https://airflow.apache.org/docs/apache-airflow/stable/release_notes.html#airflow-2-10-3-2024-11-04

Pull request that fixes the issue: https://github.com/apache/airflow/pull/43123

Email communication between me (reporter) and the security team of Apache Airflow: {F3741395}

## Impact

Sensitive information disclosed on UI without masking.
Report Stats
  • Report ID: 2828263
  • State: Closed
  • Substate: resolved
  • Upvotes: 3
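An added example, not code from the report, from Airflow, or from the linked pull request: one way to redact the value of a sensitive `variables set` command before its arguments are written to an audit record. The sensitive-name fragments, the list of options that take an argument, and the audit string format are assumptions made for illustration.

```python
import shlex

# Assumption: name fragments that mark a variable key as sensitive (illustrative list).
SENSITIVE_KEY_PARTS = ("password", "passwd", "secret", "token", "api_key", "apikey", "private_key")
# Assumption: options of "variables set" that consume the following token.
OPTIONS_WITH_VALUE = {"--description"}
MASK = "***"


def is_sensitive_key(key):
    lowered = key.lower()
    return any(part in lowered for part in SENSITIVE_KEY_PARTS)


def redact_variables_set(argv):
    """Return a copy of argv with the VALUE of a sensitive `variables set` masked."""
    args = list(argv)
    if "variables" not in args:
        return args
    start = args.index("variables")
    if args[start + 1:start + 2] != ["set"]:
        return args
    positional = []
    idx = start + 2
    while idx < len(args):
        token = args[idx]
        if token in OPTIONS_WITH_VALUE:
            idx += 2  # skip the option and its argument
            continue
        if not token.startswith("-"):
            positional.append(idx)
        idx += 1
    # positional[0] is KEY, positional[1] is VALUE
    if len(positional) >= 2 and is_sensitive_key(args[positional[0]]):
        args[positional[1]] = MASK
    return args


def audit_extra(argv):
    """Build the string a (hypothetical) audit-log row would store for this command."""
    return shlex.join(redact_variables_set(argv))


# Constructed sample commands, not taken from the report.
SAMPLES = [
    ["airflow", "variables", "set", "db_password", "hunter2-constructed"],
    ["airflow", "variables", "set", "--description", "prod key", "API_KEY", "abc123-constructed"],
    ["airflow", "variables", "set", "owner", "data-team"],
    ["airflow", "variables", "get", "db_password"],
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(audit_extra(sample))
```

Redacting at the point where the record is built, rather than when it is rendered, keeps the cleartext out of the audit table itself and not only out of the page that displays it.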