CRITICAL 9.8
GHSA-r989-cjhx-3v49
Apache DolphinScheduler: DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure
Details
DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure in Apache DolphinScheduler.
This issue affects Apache DolphinScheduler: before 3.4.2.
Users are recommended to upgrade to version 3.4.2, which fixes the issue.
Are you affected?
Enter the version of the package you're using.
Affected packages
Maven / org.apache.dolphinscheduler:dolphinscheduler-api
Introduced in:
0 Fixed in: 3.4.2 Fix
# pom.xml: bump <version>3.4.2</version> for org.apache.dolphinscheduler:dolphinscheduler-api