CVE-2024-40637 | dbt-labs dbt-core up to 1.6.13/1.7.13 Configuration injection (GHSA-p3f3-5ccg-83xq)

Posted by Angelo Barbosa | Jul 17, 2024 | CVE

A vulnerability was found in dbt-labs dbt-core up to 1.6.13/1.7.13. It has been rated as problematic. This issue affects some unknown processing of the component Configuration Handler. The manipulation leads to injection.

The identification of this vulnerability is CVE-2024-40637. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-40637 | dbt-labs dbt-core up to 1.6.13/1.7.13 Configuration injection (GHSA-p3f3-5ccg-83xq)

Related Posts

CVE-2024-6000 | FooEvents for WooCommerce Plugin up to 1.19.20 on WordPress unrestricted upload

CVE-2024-46781 | Linux Kernel up to 6.10.9 nilfs2 ns_dirty_files use after free

CVE-2024-36128 | Directus up to 10.11.1 length unusual condition (GHSA-632p-p495-25m5)

CVE-2023-42463 | Wazuh up to 4.5.2 stack-based overflow