Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-p3f3-5ccg-83xq
  • PyPI/dbt-core
dbt has an implicit override for built-in materializations from installed packages 17 Jul 2024
  • Fix available
  • Severity - 2.4 (Low)
PYSEC-2024-66
  • PyPI/dbt-core
  • github.com/dbt-labs/dbt-core
See record for full details 16 Jul 2024
  • Fix available
  • Severity - 7.8 (High)
GHSA-pmrx-695r-4349
  • PyPI/dbt-core
dbt allows Binding to an Unrestricted IP Address via socketsocket 28 May 2024
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-p72q-h37j-3hq7
  • PyPI/dbt-core
dbt uses a SQLparse version with a high vulnerability 22 Apr 2024
  • Fix available
  • Severity - 7.5 (High)
GHSA-j4g3-3q8x-jxqp
  • PyPI/dbt-core
dbt-core's secret env vars written to package-lock.json in plaintext 08 Dec 2023
  • Fix available
  • Severity - 3.2 (Low)