CVE-2025-51481 | Dagster 1.10.14 ExternalNotebookData Request dagster._grpc.impl.get_notebook_data notebook_path path traversal

A vulnerability was found in Dagster 1.10.14. It has been rated as critical. Affected by this issue is the function dagster._grpc.impl.get_notebook_data of the component ExternalNotebookData Request Handler. The manipulation of the argument notebook_path leads to path traversal.

This vulnerability is handled as CVE-2025-51481. Access to the local network is required for this attack. There is no exploit available.

It is recommended to apply a patch to fix this issue.VulDB Recent EntriesRead More