oss-sec mailing list archives
CVE-2022-26884: Apache DolphinScheduler exposes files without authentication
From: ShunFeng Cai <caishunfeng () apache org>
Date: Fri, 28 Oct 2022 01:39:06 +0000
Description: Users can read any files by log server, Apache DolphinScheduler users should upgrade to version 2.0.6 or higher.
Current thread:
- CVE-2022-26884: Apache DolphinScheduler exposes files without authentication ShunFeng Cai (Oct 28)