Apache DolphinScheduler is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper handling of user input, allowing attackers to execute arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
dolphinscheduler | le | 3.2.0 | |
dolphinscheduler | le | 3.2.0 |
www.openwall.com/lists/oss-security/2024/02/20/4
github.com/advisories/GHSA-qwxx-xww6-8q8m
github.com/apache/dolphinscheduler/commit/8c01fcf14b199e2c1ba86c17351e1ea30614f484
github.com/apache/dolphinscheduler/pull/14991
lists.apache.org/thread/5b6yq2gov0fsy9x5dkvo8ws4rr45vkn8
lists.apache.org/thread/6kgsl93vtqlbdk6otttl0d8wmlspk0m5