Dbt-core

Latest version: v1.9.0

Vulnerabilities (6)

CVE/PVE Vulnerability ID Advisory Affected versions Severity Severity Score
CVE-2024-36105 71635

In DBT affected versions, binding to INADDR_ANY (0.0.0.0) or IN6ADDR_…

  • <1.6.1
  • >=1.7.0,<1.7.15
  • >=1.8.0,<1.8.1
- -
CVE-2024-40637 72255

When a user installs a package in dbt, they gain the capability to ov…

  • <1.6.14
  • >=1.7.0b1,<1.7.14
HIGH 7.8
PVE-2024-73530 73530

Affected versions of the dbt package are potentially vulnerable to Im…

  • <1.9.0b1
- -
PVE-2024-67887 68018

Dbt-core version 1.8.0b3 has upgraded sqlparse to versions between ">…

  • <1.8.0b3
- -
PVE-2024-99810 65981

Affected versions of dbt-core are vulnerable to the clear text storag…

  • >=1.7.0,<1.7.3
- -
CVE-2020-28493 42229

Dbt-core 0.20.0rc1 updates its dependency 'jinja2' to v2.11.3 to incl…

  • <0.20.0rc1
MEDIUM 5.3