Lucene search
ApacheCVELIST:CVE-2021-27644HistoryNov 01, 2021 - 9:15 a.m.
CVE-2021-27644 DolphinScheduler mysql jdbc connector parameters deserialize remote code execution
2021-11-0109:15:10
CWE-264
apache
www.cve.org
5
cve-2021-27644
dolphinscheduler
mysql
jdbc
parameters
deserialize
remote code execution
apache
sql injection
In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. (Only applicable to MySQL data source with internal login account password)
CNA Affected
[
{
"product": "Apache DolphinScheduler",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.3.6",
"status": "affected",
"version": "Apache DolphinScheduler",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2021-27644
2021-11-01 10:15:11
veracode
veracode
SQL Injection
2021-11-02 09:05:36
github
github
SQL injection in Apache DolphinScheduler
2021-11-03 17:30:18
cve
cve
CVE-2021-27644
2021-11-01 10:15:11
prion
prion
Sql injection
2021-11-01 10:15:00
osv
osv
CVE-2021-27644
2021-11-01 10:15:11
SQL injection in Apache DolphinScheduler
2021-11-03 17:30:18