11 matches found
CVE-2023-25601
On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the...
EUVD-2023-1176
Malicious code in bioql PyPI...
Apache DolphinScheduler's python gateway suffered from improper authentication
On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the...
GHSA-3JXW-CV35-2MMV Apache DolphinScheduler's python gateway suffered from improper authentication
On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the...
CVE-2023-25601
On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the...
CVE-2023-25601
On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the...
Authentication flaw
On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the...
CVE-2023-25601 Apache DolphinScheduler 3.0.0 to 3.1.1 python gateway has improper authentication
On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the...
CVE-2023-25601
CVE-2023-25601 describes an improper authentication flaw in Apache DolphinScheduler’s python gateway affecting versions 3.0.0–3.1.1. The issue could permit a socket-based attack without authentication. The vulnerability is fixed in version 3.1.2 and later. Remediation options from the documented ...
CVE-2023-25601 Apache DolphinScheduler 3.0.0 to 3.1.1 python gateway has improper authentication
On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the...
PT-2023-20191 · Apache · Apache Dolphinscheduler
Name of the Vulnerable Software and Affected Versions: Apache DolphinScheduler versions 3.0.0 through 3.1.1 Description: The issue concerns improper authentication in Apache DolphinScheduler's python gateway, allowing an attacker to use a socket bytes attack without authentication. This has been...