Dolphinscheduler@3.0.0 Security Vulnerabilities and Issues — Dolphinscheduler@3.0.0 CVE List

Lucene search

ApacheDolphinscheduler3.0.0

4 matches found

CVE•added 2024/02/20 10:15 a.m.•4600 views

CVE-2023-49109

Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue.

9.8CVSS9.7AI score0.03232EPSS

CVE•added 2023/11/24 8:15 a.m.•65 views

CVE-2023-48796

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache DolphinScheduler. The information exposed to unauthorized actors may include sensitive data such as database credentials. Users who can't upgrade to the fixed version can also set environment variable MANAGEMENT_ENDP...

7.5CVSS7.4AI score0.00356EPSS

CVE•added 2024/08/20 8:15 a.m.•61 views

CVE-2024-43202

Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.2. We recommend users to upgrade Apache DolphinScheduler to version 3.2.2, which fixes the issue.

9.8CVSS7.4AI score0.02919EPSS

CVE•added 2023/04/20 4:15 p.m.•44 views

CVE-2023-25601

On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the py...

4.3CVSS4.4AI score0.00058EPSS