GHSA-r989-cjhx-3v49CriticalCVSS 9.8
Apache DolphinScheduler: DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure
🔗 CVE IDs covered (1)
📋 Description
DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure in Apache DolphinScheduler.
This issue affects Apache DolphinScheduler: before 3.4.2.
Users are recommended to upgrade to version 3.4.2, which fixes the issue.
🎯 Affected products1
- maven/org.apache.dolphinscheduler:dolphinscheduler-api:< 3.4.2