Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
PYSEC-2026-72
  • PyPI/kedro
 See record for full details 06 Apr
  • Fix available
  • Severity - 9.8 (Critical)
PYSEC-2026-71
  • PyPI/kedro
 See record for full details 06 Apr
  • Fix available
  • Severity - 8.1 (High)
GHSA-cjg8-h5qc-hrjv
  • PyPI/kedro-datasets
 kedro-datasets has a path traversal vulnerability in PartitionedDataset that allows arbitrary file write 06 Apr
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-9cqf-439c-j96r
  • PyPI/kedro
 Kedro has Arbitrary Code Execution via Malicious Logging Configuration 03 Apr
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-6326-w46w-ppjw
  • PyPI/kedro
 Kedro: Path Traversal in versioned dataset loading via unsanitized version string 03 Apr
  • Fix available
  • Severity - 7.1 (High)
GHSA-747f-ww56-4q4h
  • PyPI/kedro
 Kedro deserialization vulnerability 20 Mar 2025
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-rm69-wvpv-r2w7
  • PyPI/kedro
 Kedro allows Remote Code Execution by Pulling Micro Packages 20 Mar 2025
  • No fix available
  • Severity - 8.8 (High)