MidnightBSD

Advisories for datadoghq

CVE-2019-3800 LOW

CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.

CVSS 2.0

Severity: LOW

Problem Type: CWE-522, CWE-200

Products Affected

Vendor Product Version
appdynamics platform_montioring *
sumologic nozzle *
pivotal cloud_foundry_routing_release *
splunk nozzle *
pivotal cloud_foundry_command_line_interface *
anynines rabbitmq *
snyk service_broker *
pivotal cloud_foundry_deployment *
newrelic dotnet_extension_buildpack *
pivotal metric_registrar_release *
tibco businessworks_buildpack *
contrastsecurity service_broker *
datastax enterprise_service_broker *
yugabyte db_enterprise *
pivotal cloud_foundry_command_line_interface_release *
bluemedora nozzle *
anynines postgresql *
riverbed steelcentral_appinternals *
pivotal pivotal_cloud_foundry_service_broker *
pivotal application_service *
anynines mysql *
microsoft azure_service_broker *
appdynamics application_performance_monitoring *
wavefront wavefront_by_vmware_nozzle *
synopsys seeker_iast_service_broker *
pivotal on_demand_service_broker *
signalsciences service_broker *
cyberark conjur_service_broker *
google google_cloud_platform_service_broker *
pivotal single_sign-on *
pivotal cloud_foundry_networking_release *
pivotal cloud_foundry_smoke_test *
ibm websphere_liberty_ *
appdynamics application_analytics *
samba volume_service *
pivotal cloud_foundry_log_cache_release *
pivotal cloud_foundry_notifications *
anynines mongodb *
microsoft azure_log_analytics_nozzle *
pivotal cloud_foundry_event_alerts *
anynines redis *
pivotal cloud_foundry_healthwatch *
solace pubsub+ *
newrelic service_broker *
pivotal credhub_service_broker_for_pcf *
anynines elasticsearch *
forgerock service_broker *
pagerduty service_broker *
apigee edge_service_broker *
datadoghq application_monitoring *
dynatrace service_broker *
pivotal cloud_foundry_autoscaling_release *
pivotal cloud_foundry_deployment_concourse_tasks *
anynines logme *
newrelic nozzle *

CVE-2021-21331 MEDIUM

The Java client for the Datadog API before version 1.0.0-beta.9 has a local information disclosure of sensitive information downloaded via the API using the API Client. The Datadog API is executed on a unix-like system with multiple users. The API is used to download a file containing sensitive information. This sensitive information is exposed locally to other users. This vulnerability exists in the API Client for versions 1 and 2. The method `prepareDownloadFile` creates a temporary file with the permission bits `-rw-r--r--` on unix-like systems. On unix-like systems, the system temporary directory is shared between users. As such, the contents of the file downloaded via the `downloadFileFromResponse` method will be visible to all other users on the local system. Analysis of the finding determined that the affected code was unused, meaning that the exploitation likelihood is low. The unused code has been removed, effectively mitigating this issue. This issue has been patched in version 1.0.0-beta.9. As a workaround one may specify `java.io.tmpdir` when starting the JVM with the flag `-Djava.io.tmpdir`, specifying a path to a directory with `drw-------` permissions owned by `dd-agent`.
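The permission bits in this advisory are easy to reproduce and to check for. The Python example below is added here as an analogue; it is not the Java client's code. It creates one file in the shared temp directory with the process umask, which is the pattern that yields `-rw-r--r--`, and one with `tempfile.mkstemp`, which is created `0600` regardless of umask, then reports who can read each. It also checks a directory against the workaround the advisory describes: a temp directory owned by the running user with no group or other permission bits. Function names and the payload bytes are constructed for the example.

```python
"""Python analogue of the shared-temp-directory permission issue (added example, not the
Java client's code). Payload bytes and function names are constructed."""
import os
import stat
import tempfile


def world_readable(path: str) -> bool:
    """True if group or other can read the file (the -rw-r--r-- case in the advisory)."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))


def naive_download(prefix: str = "dl-") -> str:
    """The flawed pattern: a fresh name in the shared temp dir, opened with the default
    umask (0o666 & ~0o022 gives 0o644), so every local user can read the contents."""
    path = os.path.join(tempfile.gettempdir(), prefix + os.urandom(8).hex())
    with open(path, "wb") as f:
        f.write(b"constructed sensitive download")
    return path


def safe_download(prefix: str = "dl-") -> str:
    """mkstemp opens with O_CREAT|O_EXCL and mode 0o600 regardless of umask and hands back
    the open descriptor, so there is no window in which others can read the file."""
    fd, path = tempfile.mkstemp(prefix=prefix)
    with os.fdopen(fd, "wb") as f:
        f.write(b"constructed sensitive download")
    return path


def private_tmpdir(path: str) -> bool:
    """Check for the advisory's workaround: a directory owned by the current user with no
    group/other permission bits (drwx------)."""
    st = os.stat(path)
    return (stat.S_ISDIR(st.st_mode) and st.st_uid == os.getuid()
            and (stat.S_IMODE(st.st_mode) & 0o077) == 0)


def compare(umask: int = 0o022) -> dict:
    """Create both files under a fixed umask, report who can read them, and clean up."""
    old = os.umask(umask)
    paths = []
    try:
        paths = [naive_download(), safe_download()]
        return {"naive_world_readable": world_readable(paths[0]),
                "safe_world_readable": world_readable(paths[1])}
    finally:
        os.umask(old)
        for p in paths:
            os.unlink(p)


def tmpdir_check_demo() -> dict:
    """mkdtemp creates a 0o700 directory; loosening it to 0o755 fails the check."""
    d = tempfile.mkdtemp()
    try:
        before = private_tmpdir(d)
        os.chmod(d, 0o755)
        after = private_tmpdir(d)
    finally:
        os.rmdir(d)
    return {"private": before, "after_chmod_755": after}
```

`compare()` returns `{"naive_world_readable": True, "safe_world_readable": False}` under a `022` umask; the difference comes entirely from how the file is created, not from where it lives, which is why pointing `java.io.tmpdir` at a private directory is only a workaround and the real fix is to create the file with restrictive permissions.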

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 1.8 1.4
security-advisories@github.com 3.0 LOW CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N 1.3 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-378, CWE-379, NVD-CWE-Other

Products Affected

Vendor Product Version
datadoghq datadog-api-client-java 1.0.0

CVE-2022-23530

GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to v0.1.8 are vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package. Extracting files using shutil.unpack_archive() from a potentially malicious tarball without validating that the destination file path is within the intended destination directory can cause files outside the destination directory to be overwritten. This issue is patched in version 0.1.8. Potential workarounds include using a safer module, like zipfile, and validating the location of the extracted files and discarding those with malicious paths.

Products Affected

Vendor Product Version
datadoghq guarddog *

CVE-2022-23531

GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to 0.1.5 are vulnerable to Relative Path Traversal when scanning a specially-crafted local PyPI package. Running GuardDog against a specially-crafted package can allow an attacker to write an arbitrary file on the machine where GuardDog is executed due to a path traversal vulnerability when extracting the .tar.gz file of the package being scanned, which exists by design in the tarfile.TarFile.extractall function. This issue is patched in version 0.1.5.

Products Affected

Vendor Product Version
datadoghq guarddog *

CVE-2023-38704

import-in-the-middle is a module loading interceptor specifically for ESM modules. The import-in-the-middle loader works by generating a wrapper module on the fly. The wrapper uses the module specifier to load the original module and add some wrapping code. Prior to version 1.4.2, it allows for remote code execution in cases where an application passes user-supplied input directly to the `import()` function. This vulnerability has been patched in import-in-the-middle version 1.4.2. Some workarounds are available. Do not pass any user-supplied input to `import()`. Instead, verify it against a set of allowed values. If using import-in-the-middle, directly or indirectly, and support for EcmaScript Modules is not needed, ensure that no options are set, either via command-line or the `NODE_OPTIONS` environment variable, that would enable loader hooks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L 2.2 5.3

Products Affected

Vendor Product Version
datadoghq import-in-the-middle *

CVE-2026-22870

GuardDog is a CLI tool to identify malicious PyPI packages. Prior to 2.7.1, GuardDog's safe_extract() function does not validate decompressed file sizes when extracting ZIP archives (wheels, eggs), allowing attackers to cause denial of service through zip bombs. A malicious package can consume gigabytes of disk space from a few megabytes of compressed data. This vulnerability is fixed in 2.7.1.

Products Affected

Vendor Product Version
datadoghq guarddog *

CVE-2026-22871

GuardDog is a CLI tool to identify malicious PyPI packages. Prior to 2.7.1, a path traversal vulnerability exists in GuardDog's safe_extract() function that allows malicious PyPI packages to write arbitrary files outside the intended extraction directory, leading to Arbitrary File Overwrite and Remote Code Execution on systems running GuardDog. This vulnerability is fixed in 2.7.1.
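The four GuardDog entries (CVE-2022-23530, CVE-2022-23531, CVE-2026-22870 and CVE-2026-22871) describe two failure modes of archive extraction: member paths that escape the destination directory, and decompressed output that is never bounded. The Python example below is added here and is not GuardDog's own `safe_extract()`; it shows one way a scanner can address both at once. Every member name is resolved and checked to lie under the destination, links and device nodes are refused, and bytes are counted as they are written so a zip bomb is cut off at a budget rather than trusted from its headers. The byte budget, helper names and sample archives are all constructed for the example.

```python
"""Defensive archive extraction: path containment plus a decompressed-byte budget (added example, not GuardDog's safe_extract)."""
import io
import tarfile
import tempfile
import zipfile
from pathlib import Path

class UnsafeArchive(Exception):
    """A member would escape the destination directory or exceed the byte budget."""

def _safe_target(dest: Path, member_name: str) -> Path:
    """Map a member name to a path under dest, rejecting absolute paths and '..' escapes."""
    if not member_name or Path(member_name).is_absolute() or member_name.startswith("\\"):
        raise UnsafeArchive(f"absolute member path: {member_name!r}")
    target = (dest / member_name).resolve()
    if target != dest and dest not in target.parents:
        raise UnsafeArchive(f"member escapes destination: {member_name!r}")
    return target

def _copy_bounded(src, target: Path, remaining: int) -> int:
    """Stream src into target counting bytes actually written, so a lying size header cannot bypass the budget."""
    target.parent.mkdir(parents=True, exist_ok=True)
    written = 0
    with open(target, "wb") as out:
        while chunk := src.read(64 * 1024):
            written += len(chunk)
            if written > remaining:
                out.close()
                target.unlink(missing_ok=True)
                raise UnsafeArchive(f"decompressed data exceeds budget at {target.name!r}")
            out.write(chunk)
    return written

def extract_tar(data: bytes, dest: str, max_total_bytes: int = 50 << 20) -> list:
    """Safely extract a (possibly gzip-compressed) tarball; returns the member names written."""
    dest_p = Path(dest).resolve()
    dest_p.mkdir(parents=True, exist_ok=True)
    written, remaining = [], max_total_bytes
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tf:
        for m in tf.getmembers():
            target = _safe_target(dest_p, m.name)
            if m.isdir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            if not m.isfile():  # symlinks, hard links, devices: a link could redirect later writes
                raise UnsafeArchive(f"unsupported member type: {m.name!r}")
            if m.size > remaining:
                raise UnsafeArchive(f"declared size of {m.name!r} exceeds budget")
            remaining -= _copy_bounded(tf.extractfile(m), target, remaining)
            written.append(m.name)
    return written

def extract_zip(data: bytes, dest: str, max_total_bytes: int = 50 << 20) -> list:
    """Safely extract a wheel/egg/zip with the same containment and byte budget."""
    dest_p = Path(dest).resolve()
    dest_p.mkdir(parents=True, exist_ok=True)
    written, remaining = [], max_total_bytes
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            target = _safe_target(dest_p, info.filename)
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            if info.file_size > remaining:  # header pre-check; the streaming copy is the real guard
                raise UnsafeArchive(f"declared size of {info.filename!r} exceeds budget")
            with zf.open(info) as src:
                remaining -= _copy_bounded(src, target, remaining)
            written.append(info.filename)
    return written

def make_archive(kind: str, members: dict) -> bytes:
    """Constructed sample input: build an in-memory gzipped 'tar' or a 'zip' from {name: bytes}."""
    buf = io.BytesIO()
    if kind == "tar":
        with tarfile.open(fileobj=buf, mode="w:gz") as tf:
            for name, content in members.items():
                ti = tarfile.TarInfo(name=name)
                ti.size = len(content)
                tf.addfile(ti, io.BytesIO(content))
    else:
        with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
            for name, content in members.items():
                zf.writestr(name, content)
    return buf.getvalue()

def demo() -> dict:
    """Run the extractors over one benign and three hostile constructed archives."""
    def attempt(fn, blob, dest):
        try:
            return fn(blob, dest, max_total_bytes=1 << 20)  # 1 MiB budget for the demo
        except UnsafeArchive as exc:
            return f"rejected: {exc}"
    with tempfile.TemporaryDirectory() as d:
        dest = str(Path(d) / "extract")
        return {
            "benign": attempt(extract_tar, make_archive("tar", {"pkg-1.0/setup.py": b"print('hi')\n"}), dest),
            "traversal": attempt(extract_tar, make_archive("tar", {"../evil.txt": b"owned\n"}), dest),
            "absolute": attempt(extract_tar, make_archive("tar", {"/tmp/evil.txt": b"owned\n"}), dest),
            "zip_bomb": attempt(extract_zip, make_archive("zip", {"big.bin": b"\0" * (4 << 20)}), dest),
            "escaped_file_written": (Path(d) / "evil.txt").exists(),  # the traversal target
        }
```

`demo()` extracts the benign package and rejects the other three, and the `../evil.txt` target never appears next to the extraction directory. Two design points matter here: the budget is enforced on bytes actually written, because a zip member's central-directory `file_size` is attacker-controlled and a pre-check on it alone is not a defence; and on Python 3.12+ `tarfile`'s `filter="data"` extraction filter would handle the path-containment half for tarballs, but it imposes no size limit, so a scanner still needs its own budget.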

Products Affected

Vendor Product Version
datadoghq guarddog *