CVE-2024-43166

EPSS 0.16%

Apache DolphinScheduler Incorrect Default Permissions Vulnerability

Published: 9/3/2025Modified: 9/3/2025

Description

Incorrect Default Permissions vulnerability in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue.

Affected packages (1)

Maven/org.apache.dolphinscheduler:dolphinschedulerfrom 0, < 3.3.1

References (3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-43166
PATCHhttps://github.com/apache/dolphinscheduler
WEBhttps://lists.apache.org/thread/8zd69zkkx55qp365xp4tml1xh9og5lhk