DTStack/Taier

DTStack/Taier

dtstack.github.io

Releases7

Frequency2 months 1 day

Last Release about 3 years ago

Stars1.28K

Taier is a big data development platform for submission, scheduling, operation and maintenance, and indicator information display

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-11618 ↗	Jun 9, 2026Tuesday, 9 June 2026, 03:16	7.3 HIGH	7.5 HIGH
A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java of the component Source Connection Test Endpoint. Executing a manipulation can lead to improper authentication. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This patch is called f95389e7f74acec42bcee079a616aaa06f9551d2. A patch should be applied to remediate this issue.
CVE-2024-41579 ↗	Dec 5, 2024Thursday, 5 December 2024, 20:15	9.8 CRITICAL	—
DTStack Taier 1.4.0 allows remote attackers to specify the jobName parameter in the console listNames function to cause a SQL injection vulnerability
CVE-2023-29860 ↗	Jun 23, 2023Friday, 23 June 2023, 12:15	7.5 HIGH	—
An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows attackers to view sensitive information via the getCookie method.