GHSA-wqg7-mx6p-2rw3, CVE-2022-45462
maven/org.apache.dolphinscheduler/dolphinscheduler-alert-plugins
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher
All versions before 2.0.6
Upgrade to version 2.0.6 or above.
2022-11-24
source |