DEV Community

CVE Reports
CVE Reports

Posted on • Originally published at cvereports.com

GHSA-MJW2-V2HM-WJ34: GHSA-MJW2-V2HM-WJ34: SQL Injection in Dagster Dynamic Partitions

#security #cve #cybersecurity #ghsa

GHSA-MJW2-V2HM-WJ34: SQL Injection in Dagster Dynamic Partitions

Vulnerability ID: GHSA-MJW2-V2HM-WJ34
CVSS Score: 8.3
Published: 2026-04-18

A high-severity SQL injection vulnerability in Dagster's database I/O manager integrations allows users with dynamic partition creation privileges to execute arbitrary SQL commands. This flaw affects the DuckDB, Snowflake, BigQuery, and DeltaLake integrations due to improper sanitization of dynamic partition keys.

TL;DR

Dagster I/O managers fail to sanitize dynamic partition keys, enabling SQL injection via unescaped string literals. Upgrading to Dagster 1.13.1 and integration packages 0.29.1 resolves the issue, or users can apply a manual runtime monkey patch.

⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-89
  • CVSS Score: 8.3 (High)
  • Attack Vector: Network (API/UI)
  • Authentication Required: Low (Requires API Access)
  • Impact Context: I/O Manager Database Scope
  • Patch Status: Available (1.13.1 / 0.29.1)

Affected Systems

  • Dagster Core
  • dagster-duckdb
  • dagster-snowflake
  • dagster-gcp
  • dagster-deltalake
  • dagster: >= 1.1.21, < 1.13.1 (Fixed in: 1.13.1)
  • dagster-duckdb: >= 0.17.21, < 0.29.1 (Fixed in: 0.29.1)
  • dagster-snowflake: >= 0.17.21, < 0.29.1 (Fixed in: 0.29.1)
  • dagster-gcp: >= 0.17.21, < 0.29.1 (Fixed in: 0.29.1)
  • dagster-deltalake: < 0.29.1 (Fixed in: 0.29.1)

Mitigation Strategies

  • Upgrade the core dagster package to >= 1.13.1
  • Upgrade affected integration packages (duckdb, snowflake, gcp, deltalake) to >= 0.29.1
  • Implement runtime monkey patch in definitions.py if upgrading is delayed
  • Restrict 'Add Dynamic Partitions' permissions via RBAC in Dagster+

Remediation Steps:

  1. Identify all deployed Dagster environments using dynamic partitions and the affected I/O managers.
  2. Update the project dependencies: pip install dagster>=1.13.1 dagster-gcp>=0.29.1 (or other relevant integrations).
  3. Re-deploy the Dagster code locations and webserver instances.
  4. If patching is delayed, copy the provided workaround snippet matching your specific database backend and insert it at the top of definitions.py.
  5. Restart the Dagster processes to apply the monkey patch.

References

Read the full report for GHSA-MJW2-V2HM-WJ34 on our website for more details including interactive diagrams and full exploit analysis.

Top comments (0)