CVE-2025-51481

MEDIUM

Dagster < 1.10.16 - Local File Inclusion via Notebook Path Traversal

Title source: llm
STIX 2.1

Description

Local File Inclusion in dagster._grpc.impl.get_notebook_data in Dagster 1.10.14 allows attackers with access to the gRPC server to read arbitrary files by supplying path traversal sequences in the notebook_path field of ExternalNotebookData requests, bypassing the intended extension-based check.

References (3)

Core 3
Core References
Exploit, Issue Tracking, Vendor Advisory
https://github.com/dagster-io/dagster/pull/30002
Exploit, Third Party Advisory
https://www.gecko.security/blog/cve-2025-51481

Scores

CVSS v3 6.6
EPSS 0.0013
EPSS Percentile 31.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-22
Status published
Products (2)
dagsterlabs/dagster 1.10.14
pypi/dagster 0 - 1.10.16PyPI
Published Jul 22, 2025
Tracked Since Feb 18, 2026