📦 Dolphinscheduler
by Apache
🔍 What is Dolphinscheduler?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
Apache DolphinScheduler versions before 3.2.2 have incorrect default permissions that could allow unauthorized access to sensitive functionality or data. This affects all deployments using vulnerable ...
This vulnerability allows remote attackers to execute arbitrary code on Apache DolphinScheduler servers by exploiting improper input validation. It affects all Apache DolphinScheduler installations be...
This vulnerability allows remote attackers to execute arbitrary code on Apache DolphinScheduler servers due to improper input validation (CWE-94). It affects all users running versions before 3.2.1, p...
CVE-2020-11974 is a remote code execution vulnerability in DolphinScheduler 1.2.0 and 1.2.1 when configured with MySQL as the database. Attackers can exploit this vulnerability to execute arbitrary co...
An authenticated user in Apache DolphinScheduler can exploit improper input validation in alert script functionality to execute arbitrary shell commands on the server. This affects all Apache DolphinS...
This vulnerability in Apache DolphinScheduler allows authenticated users to read and write files they shouldn't have access to, potentially exposing sensitive data or enabling further system compromis...
CVE-2023-51770 is an arbitrary file read vulnerability in Apache DolphinScheduler that allows attackers to read sensitive files from the server filesystem. This affects all Apache DolphinScheduler ins...
This vulnerability allows authenticated users in Apache DolphinScheduler to execute arbitrary JavaScript code on the server without sandbox restrictions. This affects all Apache DolphinScheduler insta...
Apache DolphinScheduler versions before 3.2.1 expose sensitive information to unauthorized actors through improper log handling. This vulnerability allows attackers to access confidential data that sh...
Apache DolphinScheduler's user registration feature contains a Regular Expression Denial of Service (ReDoS) vulnerability that allows attackers to cause service disruption by sending specially crafted...
CVE-2021-27644 is a SQL injection vulnerability in Apache DolphinScheduler's data source center that allows authorized users to execute arbitrary SQL commands. This affects MySQL data sources configur...