Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Dolphinscheduler Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2020-11974

In DolphinScheduler 1.2.0 and 1.2.1, with mysql connectorj a remote code execution vulnerability exists when choosing mysql as database.

9.8CVSS

9.7AI Score

0.039EPSS

2020-12-18 09:15 PM
73
5
cve
cve

CVE-2022-45462

Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher

9.8CVSS

9.7AI Score

0.009EPSS

2022-11-23 09:15 AM
46
11
cve
cve

CVE-2022-45875

Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. This issue affects Apache DolphinScheduler version 3.0.1 and prior versions; version 3.1.0 and prior versions.This attack can be performed only by authenticated users wh...

9.8CVSS

9.3AI Score

0.003EPSS

2023-01-04 03:15 PM
39
cve
cve

CVE-2023-49109

Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue.

9.8CVSS

7.1AI Score

0.0004EPSS

2024-02-20 10:15 AM
4570
cve
cve

CVE-2024-43202

Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.2. We recommend users to upgrade Apache DolphinScheduler to version 3.2.2, which fixes the issue.

9.8CVSS

7.4AI Score

0.0004EPSS

2024-08-20 08:15 AM
29