Maven package
org.apache.dolphinscheduler/dolphinscheduler-master
pkg:maven/org.apache.dolphinscheduler/dolphinscheduler-master
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-23320 | — | < 3.2.1 | 3.2.1 | Feb 23, 2024 | Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server. This issue is a legacy of CVE-2023-49299. We didn't fix it completely in CVE-2023-49299, and we added one more patc | ||
| CVE-2023-49299 | — | < 3.1.9 | 3.1.9 | Dec 30, 2023 | Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server.This issue affects Apache DolphinScheduler: until 3.1.9. Users are recommended to upgrade to version 3.1.9, which fi |
- CVE-2024-23320Feb 23, 2024affected < 3.2.1fixed 3.2.1
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server. This issue is a legacy of CVE-2023-49299. We didn't fix it completely in CVE-2023-49299, and we added one more patc
- CVE-2023-49299Dec 30, 2023affected < 3.1.9fixed 3.1.9
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server.This issue affects Apache DolphinScheduler: until 3.1.9. Users are recommended to upgrade to version 3.1.9, which fi