Vulnerabilities > Apache > Airflow > 2.1.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-25 | CVE-2022-24288 | OS Command Injection vulnerability in Apache Airflow In Apache Airflow, prior to version 2.2.4, some example DAGs did not properly sanitize user-provided params, making them susceptible to OS Command Injection from the web UI. | 8.8 |
| 2022-01-20 | CVE-2021-45230 | Unspecified vulnerability in Apache Airflow In Apache Airflow prior to 2.2.0. | 6.5 |