CVE-2022-38054 - Apache Airflow
Critical 9.8
In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend was susceptible to session fixation.
Affected software
Apache Airflow
Get alerted to vulnerabilities in your software
CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.