Security Advisory
CVE-2022-38054
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend was susceptible to session fixation.