Vulnerabilities > Apache > Dolphinscheduler > 3.0.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-20 | CVE-2023-51770 | Unspecified vulnerability in Apache Dolphinscheduler Arbitrary File Read Vulnerability in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. | 7.5 |
| 2023-12-30 | CVE-2023-49299 | Unspecified vulnerability in Apache Dolphinscheduler Improper Input Validation vulnerability in Apache DolphinScheduler. | 8.8 |
| 2023-11-30 | CVE-2023-49620 | Unspecified vulnerability in Apache Dolphinscheduler Before DolphinScheduler version 3.1.0, the login user could delete UDF function in the resource center unauthorized (which almost used in sql task), with unauthorized access vulnerability (IDOR), but after version 3.1.0 we fixed this issue. | 6.5 |
| 2023-11-27 | CVE-2023-49068 | Unspecified vulnerability in Apache Dolphinscheduler Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache DolphinScheduler.This issue affects Apache DolphinScheduler: before 3.2.1. Users are recommended to upgrade to version 3.2.1, which fixes the issue. | 7.5 |
| 2023-04-20 | CVE-2023-25601 | Unspecified vulnerability in Apache Dolphinscheduler On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. | 4.3 |