exploitDog

CVE-2023-51770

Опубликовано: 20 фев. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Arbitrary File Read Vulnerability in Apache Dolphinscheduler.

This issue affects Apache DolphinScheduler: before 3.2.1.

We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue.

Ссылки

http://www.openwall.com/lists/oss-security/2024/02/20/2
Mailing List
Third Party Advisory
https://github.com/apache/dolphinscheduler/pull/15433
Issue Tracking
Patch
https://lists.apache.org/thread/4t8bdjqnfhldh73gy9p0whlgvnnbtn7g
Mailing List
Vendor Advisory
https://lists.apache.org/thread/gpks573kn00ofxn7n9gkg6o47d03p5rw
Mailing List
Vendor Advisory
http://www.openwall.com/lists/oss-security/2024/02/20/2
Mailing List
Third Party Advisory
https://github.com/apache/dolphinscheduler/pull/15433
Issue Tracking
Patch
https://lists.apache.org/thread/4t8bdjqnfhldh73gy9p0whlgvnnbtn7g
Mailing List
Vendor Advisory
https://lists.apache.org/thread/gpks573kn00ofxn7n9gkg6o47d03p5rw
Mailing List
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*

Версия от 1.2.0 (включая) до 3.2.1 (исключая)

EPSS

Процентиль: 80%

0.01343

Низкий

7.5 High

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-ff2w-wm48-jhqj

CVSS3: 7.5

github

почти 2 года назад

Arbitrary File Read Vulnerability in Apache Dolphinscheduler

EPSS

Процентиль: 80%

0.01343

Низкий

7.5 High

CVSS3

Дефекты

CWE-94