5 matches found
CVE-2026-23902
Incorrect Authorization vulnerability in Apache DolphinScheduler allows authenticated users with system login permissions to use tenants that are not defined on the platform during workflow execution. This issue affects Apache DolphinScheduler versions prior to 3.4.1. Users are recommended to...
Apache DolphinScheduler has an Incorrect Authorization Vulnerability
Incorrect Authorization vulnerability in Apache DolphinScheduler allows authenticated users with system login permissions to use tenants that are not defined on the platform during workflow execution. This issue affects Apache DolphinScheduler versions prior to 3.4.1. Users are recommended to...
Incorrect Authorization
Overview org.apache.dolphinscheduler:dolphinscheduler-dao is an A visual DAG workflow scheduling system, dedicated to solving the complex dependencies in data processing. Affected versions of this package are vulnerable to Incorrect Authorization during workflow execution. An attacker can gain...
Remote Code Execution (RCE)
Overview diffy is a Convenient diffing gem in ruby. Affected versions of this package are vulnerable to Remote Code Execution RCE. The function that calls the diff tool does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitra...
PT-2015-4325 · Pivotal +1 · Rabbitmq
Name of the Vulnerable Software and Affected Versions: RabbitMQ versions 2.1.0 through 3.4.x Description: A cross-site scripting XSS issue exists due to improper handling of the path info to "api/" in an error message, allowing remote attackers to inject arbitrary web script or HTML...