14 matches found
EUVD-2024-0522
Malicious code in bioql PyPI...
CVE-2024-25125
Digdag is an open source tool that to build, run, schedule, and monitor complex pipelines of tasks across various platforms. Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. This issue may lead to...
Path Traversal
Digdag is vulnerable to Path Traversal. The vulnerability is due to a lack of validation of file paths within LocalFileLogServerFactory.java when its configured to store logs locally.. This could allow an attacker to access and read sensitive data, configuration files, or other information stored...
GHSA-5MP4-32RR-V3X5 Absolute path traversal vulnerability in digdag server
Summary Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. Impact This issue may lead to Information Disclosure...
io.digdag:digdag-cli (>=0.10.0 <=0.10.5) potentially affected by CVE-2024-25125 via io.digdag:digdag-server (>=0.10.0 <=0.10.5)
io.digdag:digdag-server MAVEN version =0.10.0, =0.10.0, =0.10.5 Source cves: CVE-2024-25125 Source advisory: OSV:GHSA-5MP4-32RR-V3X5...
Absolute path traversal vulnerability in digdag server
Summary Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. Impact This issue may lead to Information Disclosure...
CVE-2024-25125
Digdag is an open source tool that to build, run, schedule, and monitor complex pipelines of tasks across various platforms. Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. This issue may lead to...
Path traversal
Digdag is an open source tool that to build, run, schedule, and monitor complex pipelines of tasks across various platforms. Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. This issue may lead to...
CVE-2024-25125 Absolute path traversal vulnerability in digdag server
Digdag is an open source tool that to build, run, schedule, and monitor complex pipelines of tasks across various platforms. Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. This issue may lead to...
CVE-2024-25125
CVE-2024-25125 affects Treasure Data’s Digdag workload automation system when configured to store log files locally, introducing a path traversal vulnerability that could disclose sensitive information. The issue is addressed in Digdag release 0.10.5.1; upgrade to that version to remediate. Publi...
CVE-2024-25125 Absolute path traversal vulnerability in digdag server
Digdag is an open source tool that to build, run, schedule, and monitor complex pipelines of tasks across various platforms. Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. This issue may lead to...
CVE-2024-25125 Absolute path traversal vulnerability in digdag server
Digdag is an open source tool that to build, run, schedule, and monitor complex pipelines of tasks across various platforms. Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. This issue may lead to...
Digdag Path Traversal Vulnerability
Digdag is an open source tool for building, running, scheduling and monitoring complex task pipelines across a variety of platforms. A path traversal vulnerability exists in Digdag versions prior to 0.10.5.1, which stems from the fact that the digdag workload automation system in Treasure Data is...
PT-2024-20766 · Treasure Data · Digdag
Name of the Vulnerable Software and Affected Versions: Digdag versions prior to 0.10.5.1 Description: The issue is a path traversal vulnerability in Treasure Data's digdag workload automation system when it is configured to store log files locally. This may lead to information disclosure...