CVE-2023-49109

Published: Feb 20, 2024
Updated: May 4, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-49109" target="_blank" rel="noopener"> CVE-2023-49109
GHSA: <a href="https://github.com/advisories/GHSA-qwxx-xww6-8q8m" target="_blank" rel="noopener"> GHSA-qwxx-xww6-8q8m
Severity: Critical
Exploit:

Exposure of Remote Code Execution in Apache Dolphinscheduler.

This issue affects Apache DolphinScheduler: before 3.2.1.

We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue.

CVSS v3:

CWEs:

Software	From	Fixed in
org.apache.dolphinscheduler / dolphinscheduler	3.0.0	3.2.1
apache / dolphinscheduler	3.0.0	3.2.1