CVE-2022-24288

In Apache Airflow, prior to version 2.2.4, some example DAGs did not properly sanitize user-provided params, making them susceptible to OS Command Injection from the web UI. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt