Vulnerability Database

Published: Sep 9, 2025
Updated: Sep 11, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-43115" target="_blank" rel="noopener"> CVE-2024-43115
GHSA: <a href="https://github.com/advisories/GHSA-3vcp-r62v-xpvg" target="_blank" rel="noopener"> GHSA-3vcp-r62v-xpvg
Severity: High
Exploit:

296,747

Total vulnerabilities in the database

Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can execute any shell script server by alert script.

This issue affects Apache DolphinScheduler: before 3.2.2.

Users are recommended to upgrade to version 3.3.1, which fixes the issue.

CVSS v3:

CWEs:

Software	From	Fixed in
org.apache.dolphinscheduler / dolphinscheduler	-	3.2.2

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.