Apache DolphinScheduler user registration is vulnerable to Regular express Denial of Service (ReDoS) attacks, Apache DolphinScheduler users should upgrade to version 2.0.5 or higher.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/hwnw7xr969sg5nv84wz75nfr2c76fl93 | Mailing List Vendor Advisory |
https://lists.apache.org/thread/hwnw7xr969sg5nv84wz75nfr2c76fl93 | Mailing List Vendor Advisory |
Configurations
History
21 Nov 2024, 06:52
Type | Values Removed | Values Added |
---|---|---|
References | () https://lists.apache.org/thread/hwnw7xr969sg5nv84wz75nfr2c76fl93 - Mailing List, Vendor Advisory |
10 Jul 2023, 19:34
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-1333 |
04 Apr 2022, 19:30
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CPE | cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:* | |
CWE | CWE-400 | |
References | (MISC) https://lists.apache.org/thread/hwnw7xr969sg5nv84wz75nfr2c76fl93 - Mailing List, Vendor Advisory |
30 Mar 2022, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-30 10:15
Updated : 2024-11-21 06:52
NVD link : CVE-2022-25598
Mitre link : CVE-2022-25598
CVE.ORG link : CVE-2022-25598
JSON object : View
Products Affected
apache
- dolphinscheduler
CWE
CWE-1333
Inefficient Regular Expression Complexity