Lucene search
GoogleOSV:GHSA-V9HF-5J83-6XPPHistoryMay 21, 2024 - 6:31 p.m.
PyMySQL SQL Injection vulnerability
2024-05-2118:31:23
Google
osv.dev
12
pymysql
sql injection
json
untrusted input
PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict.
References
github.com/PyMySQL/PyMySQL
github.com/PyMySQL/PyMySQL/commit/521e40050cb386a499f68f483fefd144c493053c
github.com/PyMySQL/PyMySQL/releases/tag/v1.1.1
lists.debian.org/debian-lts-announce/2024/05/msg00017.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/23VXBV34GFRICCVYZ6KFMSSWY5UEXCF5
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35VOJS3SRJNLQIO7YTZFNM6RWHIHWTMK
nvd.nist.gov/vuln/detail/CVE-2024-36039
Related
nvd
nvd
CVE-2024-36039
2024-05-21 16:15:26
vulnrichment
vulnrichment
CVE-2024-36039
2024-05-21 00:00:00
nessus
nessus
Fedora 39 : python-PyMySQL (2024-e7141ab284)
2024-06-23 00:00:00
Oracle Linux 8 : python3.11-PyMySQL (ELSA-2024-4244)
2024-07-03 00:00:00
Debian dsa-5700 : python-pymysql-doc - security update
2024-05-29 00:00:00
debian
debian
[SECURITY] [DLA 3822-1] python-pymysql security update
2024-05-27 10:36:52
[SECURITY] [DSA 5700-1] python-pymysql security update
2024-05-29 17:35:02
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-b26f07d27b)
2024-06-25 00:00:00
openSUSE: Security Advisory for python (SUSE-SU-2024:1925-1)
2024-06-12 00:00:00
Debian: Security Advisory (DLA-3822-1)
2024-05-28 00:00:00
redhatcve
redhatcve
CVE-2024-36039
2024-05-23 19:21:13
debiancve
debiancve
CVE-2024-36039
2024-05-21 16:15:26
osv
osv
Moderate: python3.11-PyMySQL security update
2024-07-02 00:00:00
CGA-6vp8-66hx-q9wg
2024-06-06 12:24:44
python-pymysql - security update
2024-05-29 00:00:00
oraclelinux
oraclelinux
python3 security update
2024-07-03 00:00:00
python3.11-PyMySQL security update
2024-07-02 00:00:00
ubuntucve
ubuntucve
CVE-2024-36039
2024-05-21 00:00:00
cvelist
cvelist
CVE-2024-36039
2024-05-21 00:00:00
veracode
veracode
SQL Injection
2024-05-24 08:27:02
redos
redos
ROS-20240611-04
2024-06-11 00:00:00
ubuntu
ubuntu
PyMySQL vulnerability
2024-05-30 00:00:00
wolfi
wolfi
CVE-2024-36039 vulnerabilities
2024-09-27 09:13:12
almalinux
almalinux
Moderate: python3 security update
2024-07-02 00:00:00
Moderate: python3.11-PyMySQL security update
2024-07-02 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: python-PyMySQL-1.1.1-1.fc39
2024-06-24 01:39:16
[SECURITY] Fedora 40 Update: python-PyMySQL-1.1.1-1.fc40
2024-06-24 06:37:30
redhat
redhat
(RHSA-2024:4244) Moderate: python3.11-PyMySQL security update
2024-07-02 13:55:49
(RHSA-2024:4245) Moderate: python3 security update
2024-07-02 13:55:55
github
github
PyMySQL SQL Injection vulnerability
2024-05-21 18:31:23
ibm
ibm
Security Bulletin: PyMySQL allows SQL injection [CVE-2024-36039]
2024-08-14 13:09:15
cve
cve
CVE-2024-36039
2024-05-21 16:15:26