Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-mjw2-v2hm-wj34
  • PyPI/dagster
  • PyPI/dagster-deltalake
  • PyPI/dagster-duckdb
  • PyPI/dagster-gcp
  • PyPI/dagster-snowflake
  • ... 1 more
Dagster Vulnerable to SQL Injection via Dynamic Partition Keys in Database I/O Manager Integrations
3 days ago
  • Fix available
  • Severity - 8.3 (High)
GHSA-339r-cjv9-x78g
  • PyPI/llama-index-retrievers-duckdb-retriever
LlamaIndex Retrievers Integration: DuckDBRetriever SQL Injection
20 Mar 2025
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-w2gf-jxc9-pf2q
  • PyPI/duckdb
sniff_csv provides filesystem access even when enable_external_access is disabled in duckdb
21 Jan 2025
  • Fix available
  • Severity - 7.5 (High)
PYSEC-2024-203
  • PyPI/duckdb
  • github.com/duckdb/duckdb
See record for full details
24 Jul 2024
  • Fix available
  • Severity - 7.5 (High)
PYSEC-2024-25
  • PyPI/duckdb
See record for full details
30 Jan 2024
  • Fix available
  • Severity - 9.8 (Critical)