Lucene search
Veracode Vulnerability DatabaseVERACODE:45569HistoryFeb 21, 2024 - 3:58 p.m.
Remote Code Execution (RCE)
2024-02-2115:58:24
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
remote code execution
apache dolphinscheduler
user input
arbitrary code.
Apache DolphinScheduler is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper handling of user input, allowing attackers to execute arbitrary code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dolphinscheduler | le | 3.2.0 | |
| dolphinscheduler | le | 3.2.0 |
References
www.openwall.com/lists/oss-security/2024/02/20/4
github.com/advisories/GHSA-qwxx-xww6-8q8m
github.com/apache/dolphinscheduler/commit/8c01fcf14b199e2c1ba86c17351e1ea30614f484
github.com/apache/dolphinscheduler/pull/14991
lists.apache.org/thread/5b6yq2gov0fsy9x5dkvo8ws4rr45vkn8
lists.apache.org/thread/6kgsl93vtqlbdk6otttl0d8wmlspk0m5
Related
prion
prion
Remote code execution
2024-02-20 10:15:00
nvd
nvd
CVE-2023-49109
2024-02-20 10:15:07
cnvd
cnvd
Apache Dolphinscheduler Code Execution Vulnerability
2024-03-14 00:00:00
osv
osv
CVE-2023-49109
2024-02-20 10:15:07
Remote Code Execution in Apache Dolphinscheduler
2024-02-20 12:30:58
github
github
Remote Code Execution in Apache Dolphinscheduler
2024-02-20 12:30:58
cvelist
cvelist
CVE-2023-49109 Remote Code Execution in Apache Dolphinscheduler
2024-02-20 09:58:56
cve
cve
CVE-2023-49109
2024-02-20 10:15:07