Описание
Command injection in Apache DolphinScheduler Alert Plugins
Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher.
Пакеты
Наименование
org.apache.dolphinscheduler:dolphinscheduler-alert-plugins
maven
Затронутые версииВерсия исправления
< 2.0.6
2.0.6
Связанные уязвимости
CVSS3: 9.8
nvd
около 3 лет назад
Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher