CVE-2022-25598: Uncontrolled Resource Consumption

March 30, 2022 (updated July 12, 2023)

Apache DolphinScheduler user registration is vulnerable to Regular express Denial of Service (ReDoS) attacks, Apache DolphinScheduler users should upgrade to version 2.0.5 or higher.

References

lists.apache.org/thread/hwnw7xr969sg5nv84wz75nfr2c76fl93
nvd.nist.gov/vuln/detail/CVE-2022-25598

Detect and mitigate CVE-2022-25598 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →