oss-sec mailing list archives

CVE-2024-30188: Apache DolphinScheduler: Resource File Read And Write Vulnerability


From: ShunFeng Cai <caishunfeng () apache org>
Date: Fri, 09 Aug 2024 12:43:12 +0000

Severity: important

Affected versions:

- Apache DolphinScheduler 3.1.0 before 3.2.2

Description:

File read and write vulnerability in Apache DolphinScheduler: authenticated users can illegally access additional resource files.
This issue affects Apache DolphinScheduler: from 3.1.0 before 3.2.2.

Users are recommended to upgrade to version 3.2.2, which fixes the issue.

Credit:

L0ne1y (reporter)
drun1baby (reporter)
Zevi (reporter)
Xun Bai (reporter)

References:

https://dolphinscheduler.apache.org
https://www.cve.org/CVERecord?id=CVE-2024-30188

