CNNVD-202507-676 Information
Jul 07, 2025
cve
CNNVD ID
CNNVD-202507-676
Related CVE
- CNNVD Published: 2025-07-07
Description (Chinese)
Dagster是Dagster开源的一个用于开发、生产和观察数据资产的编排平台。 Dagster 1.5.11及之前版本存在安全漏洞,该漏洞源于对logs端点处理不当,可能导致敏感信息泄露。
Description (English)
Dagster is a organizing platform for the development, production and observation of data assets from Dagster open source. There is a security loophole in Dagster 1.5.11 and earlier versions, which stems from the mishandling of the logs endpoints, which may lead to the disclosure of sensitive information.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Dagster
Published
2025-07-07
Last Modified
2026-02-24
References
https://github.com/dagster-io/dagster/pull/18462 https://access.redhat.com/security/cve/cve-2023-51232
Patch
https://github.com/dagster-io/dagster/releases
Share on: