[SECURITY] [DSA 5700-1] python-pymysql security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5700-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 29, 2024 https://www.debian.org/security/faq -...

DSA-5700-1 python-pymysql - security update

Bulletin has no description...

Debian dla-3822 : python-pymysql - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3822 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3822-1 [email protected] https://www.debian.org/lts/security/...

Debian dsa-5700 : python-pymysql-doc - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5700 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5700-1 [email protected] https://www.debian.org/security/...

Debian: Security Advisory (DLA-3822-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-3822-1 python-pymysql - security update

Bulletin has no description...

SQL Injection

PyMySQL is vulnerable to SQL Injection. The vulnerability is due to improper JSON sanitization within the escapedict function, which allows an attacker execute arbitrary SQL if an application handles untrusted JSON user input...

CVE-2024-36039

A flaw was found in PyMySQL. When processing untrusted JSON input, keys are not escaped by the escapedict function due to insufficient input sanitization, allowing an attacker to inject malicious SQL queries. Mitigation Make sure the permissions are set correctly for each user, database, table,...

SUSE CVE-2024-36039

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict...

GHSA-V9HF-5J83-6XPP PyMySQL SQL Injection vulnerability

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict...

PyMySQL SQL Injection vulnerability

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict...

0lever-utils (>=0.0.2 <=0.0.7), abadpour (>=6.13.1 <=6.47.1) +550 more potentially affected by CVE-2024-36039 via pymysql (>=0.10.0 <=1.1.0)

pymysql PYPI version =0.10.0, =0.0.2, =6.13.1, =8.194.1, =0.2.3, =2.0.0, =0.1.0, =1.1.4, =0.5.0, =0.5.1 and more Source cves: CVE-2024-36039 Source advisory: OSV:GHSA-V9HF-5J83-6XPP...

GHSA-V9HF-5J83-6XPP vulnerabilities

Vulnerabilities for packages: datadog-agent, py3-pymysql...

GHSA-V9HF-5J83-6XPP vulnerabilities

Vulnerabilities for packages: py3-pymysql, datadog-agent...

CVE-2024-36039

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict...

DEBIAN-CVE-2024-36039

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict...

CVE-2024-36039

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict...

AZL-44457 CVE-2024-36039 affecting package python-PyMySQL for versions less than 1.1.1-3

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict...

CVE-2024-36039 vulnerabilities

Vulnerabilities for packages: py3-pymysql, datadog-agent...

AZL-43726 CVE-2024-36039 affecting package python-PyMySQL 0.9.3-3

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict...