VulnerableCode Package Details - pkg:pypi/apache-dolphinscheduler@2.0.5

Search for packages

Vulnerability	Summary	Fixed by
VCID-9nf3-ytdq-hfcu Aliases: CVE-2022-45875 GHSA-3xh5-8hvq-rc8x PYSEC-2023-4	Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. This issue affects Apache DolphinScheduler version 3.0.1 and prior versions; version 3.1.0 and prior versions.	3.0.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-9nf3-ytdq-hfcu
Aliases:
CVE-2022-45875
GHSA-3xh5-8hvq-rc8x
PYSEC-2023-4

Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. This issue affects Apache DolphinScheduler version 3.0.1 and prior versions; version 3.1.0 and prior versions.

3.0.2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-yc2s-jxa6-8ua9	Apache DolphinScheduler user registration is vulnerable to Regular express Denial of Service (ReDoS) attacks, Apache DolphinScheduler users should upgrade to version 2.0.5 or higher.	CVE-2022-25598 GHSA-qg5x-66hp-cw5p PYSEC-2022-176

Vulnerability

Summary

Aliases

VCID-yc2s-jxa6-8ua9

Apache DolphinScheduler user registration is vulnerable to Regular express Denial of Service (ReDoS) attacks, Apache DolphinScheduler users should upgrade to version 2.0.5 or higher.

CVE-2022-25598
GHSA-qg5x-66hp-cw5p
PYSEC-2022-176

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-05T17:02:26.067697+00:00	PyPI Importer	Affected by	VCID-9nf3-ytdq-hfcu	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-06-05T17:01:59.442267+00:00	PyPI Importer	Fixing	VCID-yc2s-jxa6-8ua9	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-06-05T16:40:11.118042+00:00	GHSA Importer	Fixing	VCID-yc2s-jxa6-8ua9	https://github.com/advisories/GHSA-qg5x-66hp-cw5p	38.6.0
2026-06-04T17:52:15.636174+00:00	GithubOSV Importer	Fixing	VCID-yc2s-jxa6-8ua9	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-qg5x-66hp-cw5p/GHSA-qg5x-66hp-cw5p.json	38.6.0
2026-06-02T04:41:57.307237+00:00	GitLab Importer	Fixing	VCID-yc2s-jxa6-8ua9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/apache-dolphinscheduler/CVE-2022-25598.yml	38.6.0
2026-06-02T04:18:12.929550+00:00	Pypa Importer	Affected by	VCID-9nf3-ytdq-hfcu	https://github.com/pypa/advisory-database/blob/main/vulns/apache-dolphinscheduler/PYSEC-2023-4.yaml	38.6.0
2026-06-02T04:17:16.060060+00:00	Pypa Importer	Fixing	VCID-yc2s-jxa6-8ua9	https://github.com/pypa/advisory-database/blob/main/vulns/apache-dolphinscheduler/PYSEC-2022-176.yaml	38.6.0