Taier
by DTStack
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-41579 | Cri | 0.64 | 9.8 | 0.03 | Dec 5, 2024 | DTStack Taier 1.4.0 allows remote attackers to specify the jobName parameter in the console listNames function to cause a SQL injection vulnerability | ||
| CVE-2026-9437 | 0.00 | — | — | May 25, 2026 | A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to… | |||
| CVE-2023-29860 | 0.00 | — | 0.00 | Jun 23, 2023 | An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows attackers to view sensitive information via the getCookie method. |
- risk 0.64cvss 9.8epss 0.03
DTStack Taier 1.4.0 allows remote attackers to specify the jobName parameter in the console listNames function to cause a SQL injection vulnerability
- CVE-2026-9437May 25, 2026risk 0.00cvss —epss —
A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to…
- CVE-2023-29860Jun 23, 2023risk 0.00cvss —epss 0.00
An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows attackers to view sensitive information via the getCookie method.