VYPR
Vendor

DTStack

Products
2
CVEs
5
Across products
5
Status
Private

Products

2

Recent CVEs

5
  • CVE-2024-41579CriDec 5, 2024
    risk 0.64cvss 9.8epss 0.01

    DTStack Taier 1.4.0 allows remote attackers to specify the jobName parameter in the console listNames function to cause a SQL injection vulnerability

  • CVE-2026-4735HigMar 24, 2026
    risk 0.50cvss epss 0.00

    Deserialization of Untrusted Data vulnerability in DTStack chunjun (‎chunjun-core/src/main/java/com/dtstack/chunjun/util modules). This vulnerability is associated with program files GsonUtil.Java. This issue affects chunjun: before 1.16.1.

  • CVE-2026-9437MedMay 25, 2026
    risk 0.41cvss 6.3epss 0.01

    A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to…

  • CVE-2026-11618HigJun 9, 2026
    risk 0.40cvss 7.3epss 0.00

    A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java of the component Source Connection Test Endpoint. Executing a…

  • CVE-2023-29860Jun 23, 2023
    risk 0.00cvss epss 0.01

    An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows attackers to view sensitive information via the getCookie method.