Vulnerability CVE-2024-43202


Published: 2024-08-20

Description:
Exposure of Remote Code Execution in Apache Dolphinscheduler.

This issue affects Apache DolphinScheduler: before 3.2.2.

We recommend users to upgrade Apache DolphinScheduler to version 3.2.2, which fixes the issue.

Type:

CWE-94

(Improper Control of Generation of Code ('Code Injection'))

 References:
https://github.com/apache/dolphinscheduler/pull/15758
https://lists.apache.org/thread/nlmdp7q7l7o3l27778vxc5px24ncr5r5
https://lists.apache.org/thread/qbhk9wqyxhrn4z7m4m343wqxpwg926nh
https://www.cve.org/CVERecord?id=CVE-2023-49109

Copyright 2025, cxsecurity.com

 

Back to Top