oss-sec mailing list archives

CVE-2022-24288: Apache Airflow: RCE in example DAGs


From: Jedidiah Cunningham <jedcunningham () apache org>
Date: Thu, 24 Feb 2022 18:01:16 +0000

Severity: high

Description:

In Apache Airflow, prior to version 2.2.4, some example DAGs did not properly sanitize user-provided params, making 
them susceptible to OS Command Injection from the web UI.

Mitigation:

This can be mitigated by ensuring `[core] load_examples` is set to `False`.

Credit:

The Apache Airflow PMC would like to thank Kai Zhao of the TToU Security Team for reporting this issue.


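The advisory names the bug class (user-supplied params reaching a shell command from the web UI) and a configuration mitigation (`[core] load_examples = False`). The following is added example code, not Airflow's own example DAGs, its fix, or anything from the post above: a stdlib-only stand-in for how a `{{ params.x }}` template lands unescaped in a `bash_command`, the same task rewritten to pass the value through the environment, and a checker for the mitigation that also honours the `AIRFLOW__CORE__LOAD_EXAMPLES` environment override. The `render_bash_command`, `run_vulnerable`, `run_hardened` and `load_examples_enabled` helpers and the `airflow.cfg` fragments are constructed for illustration.

```python
"""Illustration of the bug class behind CVE-2022-24288 and a check for the
mitigation in the advisory.  Added example code: the DAG-like snippets are
hypothetical and use only the standard library, so this runs without
Airflow installed and does not reproduce Airflow's example DAGs."""
import configparser
import os
import re
import subprocess

# --- 1. The bug class: user-controlled params templated into a shell string ---

# Minimal stand-in for the Jinja "{{ params.NAME }}" rendering that Airflow
# applies to BashOperator.bash_command.  Hypothetical helper, not Airflow code.
_PARAM_RE = re.compile(r"\{\{\s*params\.(\w+)\s*\}\}")


def render_bash_command(template: str, params: dict) -> str:
    """Render a bash_command template by plain string substitution, as a
    Jinja template would.  Values are NOT quoted or escaped, which is what
    makes the pattern in run_vulnerable() injectable."""
    return _PARAM_RE.sub(lambda m: str(params[m.group(1)]), template)


def run_vulnerable(params: dict) -> str:
    """Vulnerable pattern: the param value becomes part of the command text,
    so a value containing a quote and ';' adds commands of its own."""
    cmd = render_bash_command('echo "greeting: {{ params.greeting }}"', params)
    return subprocess.run(["sh", "-c", cmd], capture_output=True, text=True).stdout


def run_hardened(params: dict) -> str:
    """Hardened pattern: the command text is constant; the value reaches the
    shell only as an environment variable expanded inside double quotes, so
    the shell never re-parses it as syntax."""
    cmd = 'echo "greeting: $GREETING"'
    env = {**os.environ, "GREETING": str(params["greeting"])}
    return subprocess.run(["sh", "-c", cmd], env=env,
                          capture_output=True, text=True).stdout


# --- 2. Checking the advisory's mitigation: [core] load_examples ---

# Constructed airflow.cfg fragments, not taken from any real deployment.
CFG_DEFAULT_LIKE = "[core]\nload_examples = True\n"
CFG_MITIGATED = "[core]\nload_examples = False\n"


def load_examples_enabled(cfg_text: str, environ: dict) -> bool:
    """Return True if example DAGs would still be loaded.

    Airflow lets AIRFLOW__<SECTION>__<KEY> environment variables override
    airflow.cfg, so AIRFLOW__CORE__LOAD_EXAMPLES is consulted first.  When
    neither source sets the key, Airflow's shipped default (True) applies,
    which is why a fresh install is affected until the key is set."""
    raw = environ.get("AIRFLOW__CORE__LOAD_EXAMPLES")
    if raw is None:
        # interpolation=None: real airflow.cfg files contain '%' in values
        # such as sql_alchemy_conn that would otherwise trip configparser.
        parser = configparser.ConfigParser(interpolation=None)
        parser.read_string(cfg_text)
        raw = parser.get("core", "load_examples", fallback="True")
    # Same truthy spellings Airflow's getboolean() accepts.
    return raw.split("#")[0].strip().lower() in ("t", "true", "1")


if __name__ == "__main__":
    hostile = {"greeting": 'hi"; echo INJECTED; echo "'}
    print("vulnerable ->", repr(run_vulnerable(hostile)))
    print("hardened   ->", repr(run_hardened(hostile)))
    print("examples loaded (default cfg):", load_examples_enabled(CFG_DEFAULT_LIKE, {}))
    print("examples loaded (mitigated)  :", load_examples_enabled(CFG_MITIGATED, {}))
```

Two points the checker makes explicit: the environment variable wins over `airflow.cfg`, so `load_examples = False` in the file is not enough if a deployment manifest still exports `AIRFLOW__CORE__LOAD_EXAMPLES=True`; and an absent key means the default of `True`. The setting removes the example DAGs from the DagBag; it does not protect user-written DAGs that template params into a shell string, so upgrading to 2.2.4 or later and avoiding that pattern is still the real fix.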