CVE-2024-43115
published 2025-09-03CVE-2024-43115: Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can execute any shell script server by alert script. This issue…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can execute any shell script server by alert script.
This issue affects Apache DolphinScheduler: before 3.2.2.
Users are recommended to upgrade to version 3.3.1, which fixes the issue.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | dolphinscheduler | < 3.2.2 | 3.2.2 |
| apache_software_foundation | apache_dolphinscheduler | < 3.2.2 | 3.2.2 |