Deserialization in Apache Software Foundation Dolphinscheduler

CVE-2025-62233

Deserialization of Untrusted Data vulnerability in Apache DolphinScheduler RPC module. This issue affects Apache DolphinScheduler:  Version >= 3.2.0 and < 3.3.1. Attackers who can access the Master or Worker nodes can compromise the sys…

Vulnerability class: Insecure Deserialization

EPSS: 0.001 (18.7th percentile) — read the EPSS interpretation.