CVE-2022-45462

CVE-2022-45462: Apache DolphinScheduler prior to 2.0.5 have command execution vulnerability

Vendor Apache Software Foundation

Product Apache DolphinScheduler

Weakness CWE-77

Published November 23, 2022

Last update April 25, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher

Key dates

Disclosure timeline

November 23, 2022 CVE published

April 25, 2025 Record updated