oss-sec mailing list archives
CVE-2024-43166: Apache DolphinScheduler: CWE-276 Incorrect Default Permissions
From: Lidong Dai <lidongdai () apache org>
Date: Wed, 03 Sep 2025 05:05:51 +0000
Severity: low Affected versions: - Apache DolphinScheduler before 3.2.2 Description: Incorrect Default Permissions vulnerability in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue. Credit: L0ne1y (reporter) References: https://lists.apache.org/thread/bzwc397wv9yywqttxn2ohtfp0lvg454y https://dolphinscheduler.apache.org https://www.cve.org/CVERecord?id=CVE-2024-43166
Current thread:
- CVE-2024-43166: Apache DolphinScheduler: CWE-276 Incorrect Default Permissions Lidong Dai (Sep 03)