VYPR

PyPI package

dbt-common

pkg:pypi/dbt-common

Vulnerabilities (1)

  • CVE-2026-29790Mar 6, 2026
    affected < 1.34.2fixed 1.34.2

    dbt-common is the shared common utilities for dbt-core and adapter implementations use. Prior to versions 1.34.2 and 1.37.3, a path traversal vulnerability exists in dbt-common's safe_extract() function used when extracting tarball archives. The function uses os.path.commonprefix