SQLAlchemy vulnerable to SQL injection

🗓️ 14 May 2022 03:49:27Reported by GitHub Advisory DatabaseType

SQLAlchemy vulnerable to SQL injection in versions before 0.7.0b4, allowing remote attackers to execute arbitrary SQL commands

Reporter	Title	Published	Views	Family All 55
Tenable Nessus	CentOS 6 : python-sqlalchemy (CESA-2012:0369)	8 Mar 201200:00	–	nessus
Tenable Nessus	Debian DSA-2449-1 : sqlalchemy - missing input sanitization	13 Apr 201200:00	–	nessus
Tenable Nessus	Fedora 17 : python-sqlalchemy0.5-0.5.8-9.fc17 (2012-3373)	12 Apr 201200:00	–	nessus
Tenable Nessus	Fedora 16 : python-sqlalchemy0.5-0.5.8-9.fc16 (2012-3412)	2 Apr 201200:00	–	nessus
Tenable Nessus	Fedora 15 : python-sqlalchemy0.5-0.5.8-9.fc15 (2012-3414)	2 Apr 201200:00	–	nessus
Tenable Nessus	GLSA-201209-16 : SQLAlchemy: SQL injection	27 Sep 201200:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : python-sqlalchemy (MDVSA-2012:059)	6 Sep 201200:00	–	nessus
Tenable Nessus	MiracleLinux 4 : python-sqlalchemy-0.5.5-3.AXS4 (AXSA:2012-366:01)	14 Jan 202600:00	–	nessus
Tenable Nessus	Oracle Linux 6 : python-sqlalchemy (ELSA-2012-0369)	12 Jul 201300:00	–	nessus
Tenable Nessus	RHEL 6 : python-sqlalchemy (RHSA-2012:0369)	8 Mar 201200:00	–	nessus

Vulners

Node

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2012-0805
bugs	www.bugs.launchpad.net/keystone/+bug/918608
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/73756
rhn	www.rhn.redhat.com/errata/RHSA-2012-0369.html
debian	www.debian.org/security/2012/dsa-2449
sqlalchemy	www.sqlalchemy.org/changelog/CHANGES_0_7_0
github	www.github.com/sqlalchemy/sqlalchemy/commit/51fea2e159ca93daa0bc8066a5c35d8436d99418
web	www.web.archive.org/web/20140721183117/http://secunia.com/advisories/48771
web	www.web.archive.org/web/20140802043526/http://secunia.com/advisories/48328
web	www.web.archive.org/web/20140802044957/http://secunia.com/advisories/48327

28 Oct 2024 14:40Current

8.7High risk

Vulners AI Score8.7

CVSS 27.5

EPSS0.01649