Apache DolphinScheduler vulnerable to Path Traversal
Moderate severity
GitHub Reviewed
Published
Nov 1, 2022
to the GitHub Advisory Database
•
Updated Jan 31, 2023
Package
Affected versions
< 3.0.0
Patched versions
3.0.0
Description
Published by the National Vulnerability Database
Nov 1, 2022
Published to the GitHub Advisory Database
Nov 1, 2022
Reviewed
Nov 1, 2022
Last updated
Jan 31, 2023
When users add resources to the resource center with a relation path, this vulnerability will cause path traversal issues for logged-in users. Users should upgrade to version 3.0.0 to avoid this issue.
References