CVE-2022-45462

Improper Neutralization of Special Elements used in a Command ('Command Injection') in maven/org.apache.dolphinscheduler/dolphinscheduler

Identifiers

CVE-2022-45462

Package Slug

maven/org.apache.dolphinscheduler/dolphinscheduler

Vulnerability

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Description

Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher

Affected Versions

All versions before 2.0.6

Solution

Upgrade to version 2.0.6 or above.

Last Modified

2023-03-08

source