Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-24288

Disclosure Date: February 25, 2022 (last updated February 23, 2025)
In Apache Airflow, prior to version 2.2.4, some example DAGs did not properly sanitize user-provided params, making them susceptible to OS Command Injection from the web UI.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0