Org.apache.dolphinscheduler:dolphinscheduler

This hub aggregates every CVE we track for Org.apache.dolphinscheduler:dolphinscheduler, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 14 most recently published vulnerabilities affecting Org.apache.dolphinscheduler:dolphinscheduler.

• CVE-2024-43166Incorrect Default Permissions vulnerability in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes th...9.8Sep 3, 2025
• CVE-2024-43115Apache DolphinScheduler: Alert Script Attack8.8Sep 3, 2025
• CVE-2024-30188Apache DolphinScheduler: Resource File Read And Write Vulnerability8.1Aug 9, 2024
• CVE-2024-29831Apache DolphinScheduler: RCE by arbitrary js execution8.8Aug 9, 2024
• CVE-2023-51770Apache DolphinScheduler: Arbitrary File Read Vulnerability7.5Feb 20, 2024
• CVE-2023-50270Apache DolphinScheduler: Session do not expire after password change6.5Feb 20, 2024
• CVE-2023-49250Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil7.3Feb 20, 2024
• CVE-2023-49109Remote Code Execution in Apache Dolphinscheduler9.8Feb 20, 2024
• CVE-2023-48796Apache dolphinscheduler sensitive information disclosure7.5Nov 24, 2023
• CVE-2022-45875Apache DolphinScheduler: Remote command execution Vulnerability in script alert plugin9.8Jan 4, 2023
• CVE-2022-34662Apache DolphinScheduler prior to 3.0.0 allows path traversal6.5Nov 1, 2022
• CVE-2022-26884Apache DolphinScheduler exposes files without authentication6.5Oct 28, 2022
• CVE-2022-25598Apache DolphinScheduler user registration is vulnerable to ReDoS attacks7.5Mar 30, 2022
• CVE-2020-11974In DolphinScheduler 1.2.0 and 1.2.1, with mysql connectorj a remote code execution vulnerability exists when choosing mysql as database.9.8Dec 18, 2020