pkg:maven/org.apache.dolphinscheduler/dolphinscheduler
Type
maven
Namespace
org.apache.dolphinscheduler
Name
dolphinscheduler
Known advisories, vulnerabilities and fixes for org.apache.dolphinscheduler/dolphinscheduler package.
Critical
3
High
7
Moderate
4
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 3.2.1 |
CVE-2023-49250
|
MAVEN:GHSA-37GX-JQX9-FWMG | Improper Certificate Validation in Apache DolphinScheduler | high |
2024-02-20T12:31:00
(6 months ago) |
|
Fixed | = 3.2.1 |
CVE-2023-49250
|
MAVEN:GHSA-37GX-JQX9-FWMG | Improper Certificate Validation in Apache DolphinScheduler | high |
2024-02-20T12:31:00
(6 months ago) |
|
Affected | = 3.1.0 < 3.0.2 |
CVE-2022-45875
|
MAVEN:GHSA-3XH5-8HVQ-RC8X | Apache DolphinScheduler vulnerable to Improper Input Validation | critical |
2023-01-04T15:30:19
(20 months ago) |
|
Fixed | = 3.1.1 = 3.0.2 |
CVE-2022-45875
|
MAVEN:GHSA-3XH5-8HVQ-RC8X | Apache DolphinScheduler vulnerable to Improper Input Validation | critical |
2023-01-04T15:30:19
(20 months ago) |
|
Affected | >= 3.1.0, < 3.2.2 |
CVE-2024-30188
|
MAVEN:GHSA-4VV4-CRW4-8PCW | Apache DolphinScheduler: Resource File Read And Write Vulnerability | high |
2024-08-12T15:30:49
(5 weeks ago) |
|
Fixed | = 3.2.2 |
CVE-2024-30188
|
MAVEN:GHSA-4VV4-CRW4-8PCW | Apache DolphinScheduler: Resource File Read And Write Vulnerability | high |
2024-08-12T15:30:49
(5 weeks ago) |
|
Affected | >= 3.0.0, < 3.0.2 |
CVE-2023-48796
|
MAVEN:GHSA-4VVC-R4P4-QGRR | Apache DolphinScheduler sensitive information disclosure | high |
2023-11-24T09:30:28
(9 months ago) |
|
Fixed | = 3.0.2 |
CVE-2023-48796
|
MAVEN:GHSA-4VVC-R4P4-QGRR | Apache DolphinScheduler sensitive information disclosure | high |
2023-11-24T09:30:28
(9 months ago) |
|
Affected | < 3.2.1 |
CVE-2023-51770
|
MAVEN:GHSA-FF2W-WM48-JHQJ | Arbitrary File Read Vulnerability in Apache Dolphinscheduler | high |
2024-02-20T12:31:00
(6 months ago) |
|
Fixed | = 3.2.1 |
CVE-2023-51770
|
MAVEN:GHSA-FF2W-WM48-JHQJ | Arbitrary File Read Vulnerability in Apache Dolphinscheduler | high |
2024-02-20T12:31:00
(6 months ago) |
|
Affected | < 3.0.0 |
CVE-2022-34662
|
MAVEN:GHSA-FP35-XRRR-3GPH | Apache DolphinScheduler vulnerable to Path Traversal | moderate |
2022-11-01T19:00:29
(22 months ago) |
|
Fixed | = 3.0.0 |
CVE-2022-34662
|
MAVEN:GHSA-FP35-XRRR-3GPH | Apache DolphinScheduler vulnerable to Path Traversal | moderate |
2022-11-01T19:00:29
(22 months ago) |
|
Affected | < 1.3.0 |
CVE-2020-11974
|
MAVEN:GHSA-JPJ4-5XWP-CV23 | Remote code execution in DolphinScheduler | critical |
2022-02-09T22:44:54
(2 years ago) |
|
Fixed | = 1.3.0 |
CVE-2020-11974
|
MAVEN:GHSA-JPJ4-5XWP-CV23 | Remote code execution in DolphinScheduler | critical |
2022-02-09T22:44:54
(2 years ago) |
|
Affected | < 3.2.2 |
CVE-2024-29831
|
MAVEN:GHSA-M9Q4-P56M-MC6Q | Apache DolphinScheduler: RCE by arbitrary js execution | high |
2024-08-12T15:30:49
(5 weeks ago) |
|
Fixed | = 3.2.2 |
CVE-2024-29831
|
MAVEN:GHSA-M9Q4-P56M-MC6Q | Apache DolphinScheduler: RCE by arbitrary js execution | high |
2024-08-12T15:30:49
(5 weeks ago) |
|
Affected | < 2.0.5 |
CVE-2022-25598
|
MAVEN:GHSA-QG5X-66HP-CW5P | Uncontrolled Resource Consumption in Apache DolphinScheduler | high |
2022-03-31T00:00:23
(2 years ago) |
|
Fixed | = 2.0.5 |
CVE-2022-25598
|
MAVEN:GHSA-QG5X-66HP-CW5P | Uncontrolled Resource Consumption in Apache DolphinScheduler | high |
2022-03-31T00:00:23
(2 years ago) |
|
Affected | < 1.3.2 |
CVE-2020-13922
|
MAVEN:GHSA-QHH5-9738-G9MX | Incorrect Default Permissions in Apache DolphinScheduler | moderate |
2022-02-09T22:26:32
(2 years ago) |
|
Fixed | = 1.3.2 |
CVE-2020-13922
|
MAVEN:GHSA-QHH5-9738-G9MX | Incorrect Default Permissions in Apache DolphinScheduler | moderate |
2022-02-09T22:26:32
(2 years ago) |
|
Affected | >= 3.0.0, < 3.2.1 |
CVE-2023-49109
|
MAVEN:GHSA-QWXX-XWW6-8Q8M | Remote Code Execution in Apache Dolphinscheduler | high |
2024-02-20T12:30:58
(6 months ago) |
|
Fixed | = 3.2.1 |
CVE-2023-49109
|
MAVEN:GHSA-QWXX-XWW6-8Q8M | Remote Code Execution in Apache Dolphinscheduler | high |
2024-02-20T12:30:58
(6 months ago) |
|
Affected | < 3.2.1 |
CVE-2024-23320
|
MAVEN:GHSA-RC6H-QWJ9-2C53 | Apache DolphinScheduler vulnerable to arbitrary JavaScript execution as root for authenticated users | critical |
2024-02-23T18:30:59
(6 months ago) |
|
Fixed | = 3.2.1 |
CVE-2024-23320
|
MAVEN:GHSA-RC6H-QWJ9-2C53 | Apache DolphinScheduler vulnerable to arbitrary JavaScript execution as root for authenticated users | critical |
2024-02-23T18:30:59
(6 months ago) |
|
Affected | < 3.2.1 |
CVE-2023-50270
|
MAVEN:GHSA-VJQC-G788-F378 | Session Fixation Apache DolphinScheduler | moderate |
2024-02-20T12:31:00
(6 months ago) |
|
Fixed | = 3.2.1 |
CVE-2023-50270
|
MAVEN:GHSA-VJQC-G788-F378 | Session Fixation Apache DolphinScheduler | moderate |
2024-02-20T12:31:00
(6 months ago) |
|
Affected | < 2.0.6 |
CVE-2022-26884
|
MAVEN:GHSA-VPGF-FGM8-GXR2 | Apache DolphinScheduler vulnerable to Path Traversal | moderate |
2022-10-28T12:00:33
(22 months ago) |
|
Fixed | = 2.0.6 |
CVE-2022-26884
|
MAVEN:GHSA-VPGF-FGM8-GXR2 | Apache DolphinScheduler vulnerable to Path Traversal | moderate |
2022-10-28T12:00:33
(22 months ago) |