CVE-2024-43166

CVE-2024-43166

Vendor Apache Software Foundation
Product Apache DolphinScheduler
Weakness CWE-276
Published September 3, 2025
Last update November 4, 2025

CVSS base score

What the vulnerability does

01Description

Incorrect Default Permissions vulnerability in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue.

Key dates

02Disclosure timeline

September 3, 2025 CVE published
November 4, 2025 Record updated