Hi Luigi Maintainers,
I've identified a command injection vulnerability in the SGE module (luigi/contrib/sge.py) that allows arbitrary command execution via user-controlled parameters.
Since this is a security issue, I'd prefer to share the full details privately before public disclosure. Could you provide a secure channel (email or GitHub Security Advisory) to share the report?
I have a complete write-up with proof of concept ready.
Thank you,
Marcos Pantoja
Hi Luigi Maintainers,
I've identified a command injection vulnerability in the SGE module (luigi/contrib/sge.py) that allows arbitrary command execution via user-controlled parameters.
Since this is a security issue, I'd prefer to share the full details privately before public disclosure. Could you provide a secure channel (email or GitHub Security Advisory) to share the report?
I have a complete write-up with proof of concept ready.
Thank you,
Marcos Pantoja