DolphinScheduler Remote Code Execution Vulnerability
CVE-2024-43202

Currently unrated

Key Information:

Vendor: Apache
Status: Apache Dolphinscheduler
Vendor: CVE Published:; 20 August 2024

Summary

Exposure of Remote Code Execution in Apache Dolphinscheduler.

This issue affects Apache DolphinScheduler: before 3.2.2.

We recommend users to upgrade Apache DolphinScheduler to version 3.2.2, which fixes the issue.

Affected Version(s)

Apache DolphinScheduler 3.0.0 < 3.2.2

References

https://github.com/apache/dolphinscheduler/pull/15758

https://lists.apache.org/thread/nlmdp7q7l7o3l27778vxc5px2...

vendor-advisory

https://lists.apache.org/thread/qbhk9wqyxhrn4z7m4m343wqxp...

vendor-advisory

Timeline

Vulnerability published
Aug 20, 2024
Vulnerability Reserved
Aug 7, 2024

Credit

an4er

.