CVE-2024-30188

File read and write vulnerability in Apache DolphinScheduler , authenticated users can illegally access additional resource files. This issue affects Apache DolphinScheduler: from 3.1.0 before 3.2.2.

Users are recommended to upgrade to version 3.2.2, which fixes the issue.

Published: Aug 12, 2024
Updated: May 4, 2025
CVE: CVE-2024-30188
GHSA: GHSA-4vv4-crw4-8pcw
Severity: High
Exploit:

CVSS v3:

Severity: Unknown
Score:
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
org.apache.dolphinscheduler / dolphinscheduler	3.1.0	3.2.2
apache / dolphinscheduler	3.1.0	3.2.2

http://www.openwall.com/lists/oss-security/2024/08/09/7
https://lists.apache.org/thread/tbrt42mnr42bq6scxwt6bjr3s2pwyd07

Vulnerability Database

291,049

CVE-2024-30188