CVE-2022-38054: Apache Airflow Session Fixation vulnerability

Severity: Critical

CVSS Score: 9.8

In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend was susceptible to session fixation.