Dolphinscheduler Security Vulnerabilities and Issues — Dolphinscheduler CVE List

Lucene search

ApacheDolphinscheduler

5 matches found

CVE•added 2024/02/20 10:15 a.m.•4598 views

CVE-2023-49109

Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue.

9.8CVSS9.7AI score0.03232EPSS

CVE•added 2020/12/18 9:15 p.m.•87 views

CVE-2020-11974

In DolphinScheduler 1.2.0 and 1.2.1, with mysql connectorj a remote code execution vulnerability exists when choosing mysql as database.

9.8CVSS9.7AI score0.11349EPSS

CVE•added 2022/11/23 9:15 a.m.•65 views

CVE-2022-45462

Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher

9.8CVSS9.8AI score0.0326EPSS

CVE•added 2023/01/04 3:15 p.m.•63 views

CVE-2022-45875

Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. This issue affects Apache DolphinScheduler version 3.0.1 and prior versions; version 3.1.0 and prior versions.This attack can be performed only by authenticated users wh...

9.8CVSS9.5AI score0.03082EPSS

CVE•added 2024/08/20 8:15 a.m.•59 views

CVE-2024-43202

Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.2. We recommend users to upgrade Apache DolphinScheduler to version 3.2.2, which fixes the issue.

9.8CVSS7.4AI score0.02919EPSS