
Zhiwei

#17998 of 53,630
15 Total CVSS
Vulnerabilities · 2
High
2
PT-2024-14287
7.5
2024-02-20
Apache · Apache DolphinScheduler · CVE-2023-51770

**Name of the Vulnerable Software and Affected Versions**
Apache DolphinScheduler versions prior to 3.2.1

**Description**
This issue is an Arbitrary File Read Vulnerability in Apache DolphinScheduler. It is recommended that users upgrade to version 3.2.1 to fix the issue.

**Recommendations**
For versions prior to 3.2.1, upgrade Apache DolphinScheduler to version 3.2.1 to resolve the issue.

PT-2023-29914
7.5
2023-10-19
Apache · Apache InLong · CVE-2023-46227

**Name of the Vulnerable Software and Affected Versions**
Apache InLong versions 1.4.0 through 1.8.0

**Description**
This issue is related to the deserialization of untrusted data, allowing an attacker to bypass security measures using `t`. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the use of `t` to bypass security. No specific API endpoints, vulnerable parameters, or function names are mentioned.

**Recommendations**
For Apache InLong versions 1.4.0 through 1.8.0, users are advised to upgrade to Apache InLong 1.9.0 or cherry-pick the solution from the provided GitHub link to solve the issue. As a temporary workaround, consider restricting the deserialization of untrusted data until a patch is available.