Dataiku Data_science_studio

5 CVEs affecting Dataiku Data_science_studio. Latest disclosed: 2024-01-09. Critical: 1, High: 1.

Top CVEs affecting Dataiku Data_science_studio
CVESeverityScorePublishedSummary
CVE-2023-51717Critical9.82024-01-09Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authentication bypass.
CVE-2020-8817High8.12020-09-14Dataiku DSS before 6.0.5 allows attackers write access to the project to modify the "Created by" metadata.
CVE-2023-24045Medium6.52023-03-01In Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target username in a download r…
CVE-2021-27225Medium5.42021-03-01In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users (who have coding permissions) to read and overwrite…
CVE-2018-10732Medium5.32018-05-28The REST API in Dataiku DSS before 4.2.3 allows remote attackers to obtain sensitive information (i.e., determine if a username is valid) because of profile pi…