CVE-2026-29790 | dbt-labs dbt-common up to 1.34.1/1.37.2 tarball os.path.commonprefix path traversal

Inserito da Angelo Barbosa | Mar 6, 2026 | CVE

A vulnerability classified as critical was found in dbt-labs dbt-common up to 1.34.1/1.37.2. This affects the function os.path.commonprefix of the component tarball Handler. The manipulation results in path traversal.

This vulnerability is identified as CVE-2026-29790. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-29790 | dbt-labs dbt-common up to 1.34.1/1.37.2 tarball os.path.commonprefix path traversal

Post correlati

CVE-2025-8171 | code-projects Document Management System 1.0 /insert.php uploaded_file unrestricted upload

CVE-2024-43933 | WPMobile.App Plugin up to 11.48 on WordPress cross-site request forgery

CVE-2024-50613 | libsndfile up to 1.2.2 mpeg_l3_encode.c mpeg_l3_encoder_close assertion

CVE-2024-42275 | Linux Kernel up to 6.10.3 drm_client_buffer_vmap_local uninitialized pointer (c0f412961653/b5fbf924f125)