Lucene search
K

86 matches found

Chainguard
Chainguard
added 2026/01/30 7:17 a.m.10 views

CVE-2026-0994 vulnerabilities

Vulnerabilities for packages: litellm, authentik-fips, kserve, py3-cassandra-medusa, authentik, airflow, label-studio, request-1276, mitmproxy, datadog-agent, apache-beam-python-3.11-sdk, localstack, text-generation-inference, py3-protobuf, py3-vllm-cuda-12.4, tensorflow-gpu-jupyter, open-webui,...

8.2CVSS6.5AI score0.00613EPSS
Exploits0
Chainguard
Chainguard
added 2026/01/30 7:17 a.m.1 views

GHSA-7GCM-G887-7QV7 vulnerabilities

Vulnerabilities for packages: litellm, authentik-fips, kserve, py3-cassandra-medusa, authentik, airflow, label-studio, request-1276, mitmproxy, datadog-agent, apache-beam-python-3.11-sdk, localstack, text-generation-inference, py3-protobuf, py3-vllm-cuda-12.4, tensorflow-gpu-jupyter, open-webui,...

6.1AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-0033

Malicious code in bioql PyPI...

7.8CVSS6.3AI score0.00372EPSS
Exploits1References13
RedhatCVE
RedhatCVE
added 2025/05/23 7:31 a.m.7 views

CVE-2024-40637

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. When a user installs a package in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it...

7.8CVSS6.7AI score0.00372EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/06 8:21 a.m.3 views

Malicious code in dbt-bytedhouse (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ebd5ea76dc950b3bfb5104cd6cc0fd93024e297adad76ab02e0d5842c4777628 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

7.1AI score
Exploits0References1
OSV
OSV
added 2024/11/06 8:21 a.m.6 views

MAL-2024-10413 Malicious code in dbt-bytedhouse (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ebd5ea76dc950b3bfb5104cd6cc0fd93024e297adad76ab02e0d5842c4777628 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/06 8:12 a.m.10 views

Malicious code in dbt-byteshouse (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a28901c21fc8965eca406c72802ea54284404524f91641c843d1c95613eb59ad A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

7.1AI score
Exploits0References1
OSV
OSV
added 2024/07/17 3:52 p.m.9 views

GHSA-P3F3-5CCG-83XQ dbt has an implicit override for built-in materializations from installed packages

Impact What kind of vulnerability is it? Who is impacted? When a user installs a package in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it allows packages to extend and customize dbt's functionality. However, this also mean...

4.2CVSS5.9AI score0.00372EPSS
Exploits1References11
vulnersOsv
vulnersOsv
added 2024/07/17 3:52 p.m.6 views

dagster-dbt (>=0.19.3 <=0.20.4), dagster-ext (>=0.0.1a11 <=0.1.0) +8 more potentially affected by CVE-2024-40637 via dbt-core (>=1.6.0 <=1.6.13)

dbt-core PYPI version =1.6.0, =0.19.3, =0.0.1a11, =1.6.0b1, =0.1.0, =0.0.1, =1.6.0, =1.3.0, =1.6.0, =0.200.0.dev5, =0.200.0.dev14 Source cves: CVE-2024-40637 Source advisory: OSV:GHSA-P3F3-5CCG-83XQ...

7.8CVSS5.8AI score0.00372EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/07/17 3:52 p.m.4 views

dagster-dbt (>=0.20.5 <=0.21.6), dbt-dremio (=1.7.0) +9 more potentially affected by CVE-2024-40637 via dbt-core (>=1.7.0 <=1.7.13)

dbt-core PYPI version =1.7.0, =0.20.5, =1.7.0, =0.0.2, =1.7.0, =0.0.4, =0.203.0.dev5, =0.0.1rc8, =0.4.2, =0.8.0 Source cves: CVE-2024-40637 Source advisory: OSV:GHSA-P3F3-5CCG-83XQ...

7.8CVSS5.8AI score0.00372EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2024/07/17 3:52 p.m.17 views

dbt has an implicit override for built-in materializations from installed packages

Impact What kind of vulnerability is it? Who is impacted? When a user installs a package in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it allows packages to extend and customize dbt's functionality. However, this also mean...

7.8CVSS6.6AI score0.00372EPSS
Exploits1References11Affected Software1
NVD
NVD
added 2024/07/16 11:15 p.m.18 views

CVE-2024-40637

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. When a user installs a package in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it...

7.8CVSS0.00372EPSS
Exploits1References8
vulnersOsv
vulnersOsv
added 2024/07/16 11:15 p.m.8 views

airflow-dbt-python (>=0.2.0 <=3.6.0), alvin-cli (>=0.0.1a0 <=1.3.0rc1) +288 more potentially affected by CVE-2024-40637 via dbt-core (>=0.14.0 <=1.6.13)

dbt-core PYPI version =0.14.0, =0.2.0, =0.0.1a0, =1.0.0a1, =0.0.3, =0.3.8, =1.0.6, =0.2.0, =0.11.2, =0.5.6, =0.0.1a1, =0.4.0, =0.5.1, =0.6.2 and more Source cves: CVE-2024-40637 Source advisory: OSV:PYSEC-2024-66...

7.8CVSS5.7AI score0.00372EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/07/16 11:15 p.m.4 views

dagster-dbt (>=0.20.5 <=0.21.6), dbt-dremio (=1.7.0) +9 more potentially affected by CVE-2024-40637 via dbt-core (>=1.7.0 <=1.7.13)

dbt-core PYPI version =1.7.0, =0.20.5, =1.7.0, =0.0.2, =1.7.0, =0.0.4, =0.203.0.dev5, =0.0.1rc8, =0.4.2, =0.8.0 Source cves: CVE-2024-40637 Source advisory: OSV:PYSEC-2024-66...

7.8CVSS5.8AI score0.00372EPSS
Exploits1
PyPA
PyPA
added 2024/07/16 11:15 p.m.7 views

PYSEC-2024-66

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. When a user installs a package in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it...

7.8CVSS6.8AI score0.00372EPSS
Exploits1References11Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/16 10:56 p.m.17 views

CVE-2024-40637 Implicit override for built-in materializations from installed packages in dbt-core

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. When a user installs a package in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it...

4.2CVSS6.7AI score0.00372EPSS
Exploits1References8
Cvelist
Cvelist
added 2024/07/16 10:56 p.m.23 views

CVE-2024-40637 Implicit override for built-in materializations from installed packages in dbt-core

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. When a user installs a package in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it...

4.2CVSS0.00372EPSS
Exploits1References8
OSV
OSV
added 2024/07/16 10:56 p.m.10 views

CVE-2024-40637 Implicit override for built-in materializations from installed packages in dbt-core

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. When a user installs a package in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it...

4.2CVSS6.5AI score0.00372EPSS
Exploits1References10
vulnersOsv
vulnersOsv
added 2024/07/03 10:4 a.m.5 views

dagster-dbt (>=0.20.5 <=0.21.6), dbt-dremio (=1.7.0) +9 more potentially affected by CVE-2024-40637 via dbt-core (>=1.7.0 <=1.7.13)

dbt-core PYPI version =1.7.0, =0.20.5, =1.7.0, =0.0.2, =1.7.0, =0.0.4, =0.203.0.dev5, =0.0.1rc8, =0.4.2, =0.8.0 Source cves: CVE-2024-40637 Source advisory: SNYK:PYTHON-DBTCORE-7430282...

7.8CVSS5.8AI score0.00372EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/07/03 10:4 a.m.4 views

airflow-dbt-python (>=0.2.0 <=3.6.0), alvin-cli (>=0.0.1a0 <=1.3.0rc1) +288 more potentially affected by CVE-2024-40637 via dbt-core (>=0.14.0 <=1.6.13)

dbt-core PYPI version =0.14.0, =0.2.0, =0.0.1a0, =1.0.0a1, =0.0.3, =0.3.8, =1.0.6, =0.2.0, =0.11.2, =0.5.6, =0.0.1a1, =0.4.0, =0.5.1, =0.6.2 and more Source cves: CVE-2024-40637 Source advisory: SNYK:PYTHON-DBTCORE-7430282...

7.8CVSS5.7AI score0.00372EPSS
Exploits1
Rows per page
Query Builder