Apache: >> Dolphinscheduler >> 1.1.0 Security Vulnerabilities
Users can read any files by log server, Apache DolphinScheduler users should upgrade to version 2.0.6 or higher.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-10-28
Apache DolphinScheduler user registration is vulnerable to Regular express Denial of Service (ReDoS) attacks, Apache DolphinScheduler users should upgrade to version 2.0.5 or higher.
CVSS Score
7.5
EPSS Score
0.013
Published
2022-03-30
In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. (Only applicable to MySQL data source with internal login account password)
CVSS Score
8.8
EPSS Score
0.039
Published
2021-11-01
Page 2