oss-sec mailing list archives
CVE-2022-34662: Apache DolphinScheduler prior to 3.0.0 allows path traversal
From: Jiajie Zhong <zhongjiajie () apache org>
Date: Tue, 01 Nov 2022 14:32:09 +0000
Severity: moderate Description: When users add resources to the resource center with a relation path will cause path traversal issues and only for logged-in users. You could upgrade to version 3.0.0 or higher Credit: This issue was discovered by Jigang Dong of M1QLin Security Team
Current thread:
- CVE-2022-34662: Apache DolphinScheduler prior to 3.0.0 allows path traversal Jiajie Zhong (Nov 01)