Apache DolphinScheduler Incorrect Default Permissions Vulnerability · CVE-2024-43166 · GitHub Advisory Database · GitHub

Apache DolphinScheduler Incorrect Default Permissions Vulnerability

Low severity GitHub Reviewed Published Sep 3, 2025 to the GitHub Advisory Database • Updated Sep 3, 2025

Package

org.apache.dolphinscheduler:dolphinscheduler (Maven)

Affected versions

< 3.3.1

Patched versions

3.3.1

Description

Incorrect Default Permissions vulnerability in Apache DolphinScheduler.

This issue affects Apache DolphinScheduler: before 3.2.2.

Users are recommended to upgrade to version 3.3.1, which fixes the issue.

References

Published by the National Vulnerability Database

Sep 3, 2025

Published to the GitHub Advisory Database Sep 3, 2025

Reviewed Sep 3, 2025

Last updated Sep 3, 2025