Security Advisory

CVE-2022-24288

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-25 08:30:16

Last updated 2024-08-03 04:07:02

Assigner apache

State PUBLISHED

Description

In Apache Airflow, prior to version 2.2.4, some example DAGs did not properly sanitize user-provided params, making them susceptible to OS Command Injection from the web UI.

← Browse all CVEs View on cve.org ↗