CVE-2022-25598

CVE-2022-25598: Apache DolphinScheduler user registration is vulnerable to ReDoS attacks

Vendor Apache Software Foundation

Product Apache DolphinScheduler

Weakness CWE-1333

Published March 30, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Apache DolphinScheduler user registration is vulnerable to Regular express Denial of Service (ReDoS) attacks, Apache DolphinScheduler users should upgrade to version 2.0.5 or higher.

Key dates

Disclosure timeline

March 30, 2022 CVE published

August 3, 2024 Record updated