pkg:Maven/org.apache.dolphinscheduler:dolphinscheduler

All known vulnerabilities

• CRITICAL9.8CVE-2023-49109Remote Code Execution in Apache Dolphinscheduler
  >= 3.0.0, < 3.2.1
• CRITICAL9.8CVE-2022-45875Apache DolphinScheduler vulnerable to Improper Input Validation
  from 0, < 3.0.2
• CRITICAL9.8CVE-2020-11974Remote code execution in DolphinScheduler
  from 0, < 1.3.0
• HIGH8.8Apache DolphinScheduler vulnerable to Alert Script Attack
  from 0, < 3.2.2
• HIGH8.8Apache DolphinScheduler: RCE by arbitrary js execution
  from 0, < 3.2.2
• HIGH8.1Apache DolphinScheduler has an Incorrect Authorization Vulnerability
  from 0, < 3.4.1
• HIGH8.1Apache DolphinScheduler: Resource File Read And Write Vulnerability
  >= 3.1.0, < 3.2.2
• HIGH7.5Apache DolphinScheduler vulnerable to sensitive information disclosure
  >= 3.1.0, < 3.2.0
• HIGH7.5Arbitrary File Read Vulnerability in Apache Dolphinscheduler
  from 0, < 3.2.1
• HIGH7.5Apache DolphinScheduler sensitive information disclosure
  >= 3.0.0, < 3.0.2
• HIGH7.5Uncontrolled Resource Consumption in Apache DolphinScheduler
  from 0, < 2.0.5
• HIGH7.3Improper Certificate Validation in Apache DolphinScheduler
  from 0, < 3.2.1
• MEDIUM6.5Apache DolphinScheduler vulnerable to Path Traversal
  from 0, < 3.0.0
• MEDIUM6.5Apache DolphinScheduler vulnerable to Path Traversal
  from 0, < 2.0.6
• MEDIUM6.3Apache DolphinScheduler RPC module has a Deserialization of Untrusted Data vulnerability
  >= 3.2.0, < 3.3.1
• —Apache DolphinScheduler Incorrect Default Permissions Vulnerability
  from 0, < 3.3.1
• —Session Fixation Apache DolphinScheduler
  >= 1.3.8, < 3.2.1