You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@dolphinscheduler.apache.org by Jiajie Zhong <zh...@apache.org> on 2024/02/20 05:55:06 UTC
CVE-2023-49109: Remote Code Execution in Apache Dolphinscheduler
Severity: important
Affected versions:
- Apache DolphinScheduler 3.0.0 before 3.2.1
Description:
Exposure of Remote Code Execution in Apache Dolphinscheduler.
This issue affects Apache DolphinScheduler: before 3.2.1.
We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue.
Credit:
Y4tacker and 4ra1n from Y4secTeam (finder)
References:
https://github.com/apache/dolphinscheduler/pull/14991
https://dolphinscheduler.apache.org
https://www.cve.org/CVERecord?id=CVE-2023-49109