{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T16:12:02.158","vulnerabilities":[{"cve":{"id":"CVE-2024-29831","sourceIdentifier":"security@apache.org","published":"2024-08-12T13:38:18.560","lastModified":"2025-03-18T15:56:38.357","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server. If you are using the switch task plugin, please upgrade to version 3.2.2."},{"lang":"es","value":"Vulnerabilidad de validación de entrada incorrecta en Apache DolphinScheduler. Un usuario autenticado puede hacer que se ejecute JavaScript arbitrario y sin espacio aislado en el servidor. Si está utilizando el complemento de cambio de tarea, actualice a la versión 3.2.2."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2.2","matchCriteriaId":"CA3F4CF0-C52D-4EC7-AEA3-4B49F30F0B9C"}]}]}],"references":[{"url":"https://lists.apache.org/thread/x1ch0x5om3srtbnp7rtsvdszho3mdrq0","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2024/08/09/6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}}]}