{"data":{"id":"47c801d7-32e5-4da6-998d-dba1181d10f5","title":"GHSA-mjw2-v2hm-wj34: Dagster Vulnerable to SQL Injection via Dynamic Partition Keys in Database I/O Manager Integrations","summary":"Dagster had a SQL injection vulnerability (a security flaw where attackers can insert malicious SQL commands into database queries) in its database I/O managers (tools that read and write data to databases like DuckDB, Snowflake, and BigQuery). Users with permission to add dynamic partitions (flexible data groupings) could create partition keys that contained SQL commands, which would then execute against the database with the I/O manager's credentials, potentially allowing unauthorized data access or modification.","solution":"Update to the patched versions of the affected Dagster packages. The fix ensures that partition key values are properly escaped before inclusion in SQL queries across all affected I/O managers. No configuration changes or workarounds are required alongside the update; only the affected Dagster package versions need to be updated.\nIf the update cannot be applied, manual workarounds are described in the referenced gist (https://gist.github.com/gibsondan/6d0c483f8499a8b1cd460cddc9fd8f72).","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-mjw2-v2hm-wj34","publishedAt":"2026-04-18T01:07:59.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":["dagster-snowflake-polars@<= 0.29.0 (fixed: 0.29.1)","dagster-deltalake@<= 0.29.0 (fixed: 0.29.1)","dagster@<= 1.13.0 (fixed: 1.13.1)","dagster-gcp@<= 0.29.0 (fixed: 0.29.1)","dagster-snowflake@<= 0.29.0 (fixed: 0.29.1)"],"affectedVendors":[],"affectedVendorsRaw":["Dagster"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":true,"disclosureDate":"2026-04-18T01:07:59.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}