29 matches found
acryl-datahub-gx-plugin (>=0.14.0.3 <=0.15.0rc15), agnostic (=1.0.3) +550 more potentially affected by CVE-2024-4340 via sqlparse (>=0.1.14 <=0.5.3)
sqlparse PYPI version =0.1.14, =0.14.0.3, =0.2.0, =0.0.1, =0.1.0, =2.0.0, =0.8.0, =0.0.1a0, =0.0.36, =2.1.1.3, =1.0.0, =1.0.2 and more Source cves: CVE-2024-4340 Source advisory: SNYK:PYTHON-SQLPARSE-14157217...
Fedora: Security Advisory (FEDORA-2025-d2d3a5fa79)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 42 : python-sqlparse (2025-d2d3a5fa79)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-d2d3a5fa79 advisory. This update backports the upstream fixes for CVE-2023-30608 and CVE-2024-4340. It also enables the test suite and corrects the SPDX license...
Security Bulletin: Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.
Summary Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError. Vulnerability Details CVEID:CVE-2024-4340 DESCRIPTION: Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError. CWE:CWE-674: Uncontrolled Recursio...
TencentOS Server 4: python-sqlparse (TSSA-2024:0918)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0918 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Security Bulletin: sqlparse Vulnerability Affects IBM Data Observability by Databand Self-Hosted (CVE-2024-4340)
Summary A vulnerability in sqlparse was addressed in IBM Data Observability by Databand Self-Hosted Vulnerability Details CVEID:CVE-2024-4340 DESCRIPTION: sqlparse is vulnerable to a denial of service, caused by a flaw when passing a heavily nested list to the parse function. By sending a special...
Debian dla-4000 : python-sqlparse-doc - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4000 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4000-1 [email protected]...
RHEL 8 : RHOSP 17.1.4 (python-sqlparse) (RHSA-2024:9986)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9986 advisory. sqlparse is a tool for parsing SQL strings Security Fixes: parsing heavily nested list leads to denial of service CVE-2024-4340 For more details abou...
RHEL 9 : RHOSP 17.1.4 (python-sqlparse) (RHSA-2024:9984)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9984 advisory. sqlparse is a tool for parsing SQL strings Security Fixes: parsing heavily nested list leads to denial of service CVE-2024-4340 For more details abou...
Moderate: Red Hat Security Advisory: RHOSP 17.1.4 (python-sqlparse) security update
An update for python-sqlparse is now available for Red Hat OpenStack Platform RHOSP 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: RHOSP 17.1.4 (python-sqlparse) security update
An update for python-sqlparse is now available for Red Hat OpenStack Platform RHOSP 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
openSUSE Security Advisory (SUSE-SU-2024:1861-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1861-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerability in sqlparse affects IBM Process Mining CVE-2024-4340
Summary There is a vulnerability in sqlparse that could allow an attacker to cause a denial of service condition on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2024-4340...
openSUSE Security Advisory (SUSE-SU-2024:1767-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : python-sqlparse (SUSE-SU-2024:1767-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1767-1 advisory. - CVE-2024-4340: Catch RecursionError to avoid a denial of service. bsc1223603 Tenable has extracted the preceding description...
SUSE-SU-2024:1767-1 Security update for python-sqlparse
This update for python-sqlparse fixes the following issues: - CVE-2024-4340: Catch RecursionError to avoid a denial of service. bsc1223603...
SUSE CVE-2024-4340
Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError...
CVE-2024-4340
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...
CVE-2024-4340
Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError...