2 matches found
SQL Injection
Overview dagster-gcp is a Package for GCP-specific Dagster framework op and resource components. Affected versions of this package are vulnerable to SQL Injection via the construction of SQL WHERE clauses in database I/O manager integrations. An attacker can execute arbitrary SQL commands by...
dagster-gcp-pandas (>=0.17.21 <=0.29.0), dagster-gcp-pyspark (>=0.17.21 <=0.29.0) +1 more potentially affected by CVE-2026-41490 via dagster-gcp (>=0.17.21 <=0.29.0)
dagster-gcp PYPI version =0.17.21, =0.17.21, =0.17.21, =0.1.0, =0.1.6 Source cves: CVE-2026-41490 Source advisory: SNYK:PYTHON-DAGSTERGCP-16109578...