You are viewing the documentation for version 12 of DSS.
Improper link resolution before file access
Advisory ID: DSA-2023-007
CVSS Base Score: 7.5
CVSS String: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE classification: CWE-59
A user who has privileges to write code and leverage containerized execution could use symbolic links to gain access to restricted files.
Dataiku DSS 12.1.3 has been made available to customers to remediate this issue