Dolphinscheduler Security Vulnerabilities and Issues — Dolphinscheduler CVE List

Lucene search

ApacheDolphinscheduler

6 matches found

CVE•added 2024/02/20 10:15 a.m.•4600 views

CVE-2023-49109

Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue.

9.8CVSS9.7AI score0.03232EPSS

CVE•added 2020/12/18 9:15 p.m.•88 views

CVE-2020-11974

In DolphinScheduler 1.2.0 and 1.2.1, with mysql connectorj a remote code execution vulnerability exists when choosing mysql as database.

9.8CVSS9.7AI score0.11349EPSS

CVE•added 2022/11/23 9:15 a.m.•66 views

CVE-2022-45462

Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher

9.8CVSS9.8AI score0.03642EPSS

CVE•added 2023/01/04 3:15 p.m.•64 views

CVE-2022-45875

Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. This issue affects Apache DolphinScheduler version 3.0.1 and prior versions; version 3.1.0 and prior versions.This attack can be performed only by authenticated users wh...

9.8CVSS9.5AI score0.03082EPSS

CVE•added 2024/08/20 8:15 a.m.•61 views

CVE-2024-43202

Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.2. We recommend users to upgrade Apache DolphinScheduler to version 3.2.2, which fixes the issue.

9.8CVSS7.4AI score0.02919EPSS

CVE•added 2025/09/03 10:15 a.m.•9 views

CVE-2024-43166

Incorrect Default Permissions vulnerability in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue.

9.8CVSS6.4AI score0.0008EPSS