CVE-2022-25598

Summary

Apache DolphinScheduler user registration is vulnerable to Regular express Denial of Service (ReDoS) attacks, Apache DolphinScheduler users should upgrade to version 2.0.5 or higher.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache DolphinSchedulerApache DolphinScheduler < 2.0.5affected

Weaknesses

  • CWE-1333: CWE-1333 Inefficient Regular Expression Complexity

ADP Enrichment

CVE Program Container

Additional References

References