
105 matches found

OSV
added 2024/05/21 4:15 p.m., 3 views

AZL-43726 CVE-2024-36039 affecting package python-PyMySQL 0.9.3-3

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict...

6.3 CVSS, 6.6 AI score, 0.001 EPSS
Exploits 1, References 1
UbuntuCve
added 2024/05/21 4:15 p.m., 16 views

CVE-2024-36039

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict...

6.3 CVSS, 6.7 AI score, 0.001 EPSS
Exploits 1, References 4
OSV
added 2024/05/21 4:15 p.m., 0 views

UBUNTU-CVE-2024-36039

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict...

6.3 CVSS, 6.7 AI score, 0.001 EPSS
Exploits 1, References 5
Debian CVE
added 2024/05/21 12:0 a.m., 17 views

CVE-2024-36039

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict...

6.3 CVSS, 6.9 AI score, 0.001 EPSS
Exploits 1
CNNVD
added 2024/05/21 12:0 a.m., 1 views

PyMySQL security vulnerability

PyMySQL is a pure Python MySQL client library based on PEP 249 from the PyMySQL open source. A security vulnerability exists in PyMySQL 1.1.0 and earlier versions that stems from the presence of SQL injection...

6.3 CVSS, 6.6 AI score, 0.001 EPSS
Exploits 1, References 3
CVE
added 2024/05/21 12:0 a.m., 3601 views

CVE-2024-36039

CVE-2024-36039 affects PyMySQL up to 1.1.0, where untrusted JSON input can cause SQL injection because escape_dict does not escape keys. Connected documents corroborate vulnerability details and indicate fixes in newer PyMySQL releases (e.g., PyMySQL 1.1.1+ and package updates across Linux distri...

6.3 CVSS, 7.4 AI score, 0.001 EPSS
Exploits 1, References 4
Vulnrichment
added 2024/05/21 12:0 a.m., 15 views

CVE-2024-36039

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict...

7.8 AI score, 0.001 EPSS
Exploits 1, References 4
Cvelist
added 2024/05/21 12:0 a.m., 33 views

CVE-2024-36039

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict...

7.2 AI score, 0.001 EPSS
Exploits 1, References 4
Tenable Nessus
added 2024/04/28 12:0 a.m., 19 views

RHEL 8 : python27:2.7 (RHSA-2023:5990)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5990 advisory. Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types...

5.3 CVSS, 7.1 AI score, 0.00581 EPSS
Exploits 0, References 4
Oracle linux
added 2023/07/08 12:0 a.m., 33 views

python38:3.8 and python38-devel:3.8 security update

babel 2.7.0-11 - Fix CVE-2021-20095 Resolves: rhbz1955615 Cython 0.29.14-4 - Exclude unsupported i686 arch modwsgi 4.6.8-4 - Core dumped upon file upload = 1GB Resolves: rhbz2125171 numpy 1.17.3-6 - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz1933055 python38...

8.2 CVSS, 7.3 AI score, 0.05428 EPSS
Exploits 3
Tenable Nessus
added 2023/06/26 12:0 a.m., 19 views

AlmaLinux 8 : python38:3.8 and python38-devel:3.8 (ALSA-2023:3781)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3781 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. No...

7.5 CVSS, 7.4 AI score, 0.01445 EPSS
Exploits 3, References 2
Tenable Nessus
added 2023/06/22 12:0 a.m., 49 views

RHEL 8 : python27:2.7 (RHSA-2023:3780)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3780 advisory. Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types...

7.5 CVSS, 7.5 AI score, 0.01445 EPSS
Exploits 3, References 4
Ubuntu
added 2023/01/29 3:7 p.m., 57 views

USN-5823-3: MySQL regression

USN-5823-1 fixed vulnerabilities in MySQL. Unfortunately, 8.0.32 introduced a regression in MySQL Router preventing connections from PyMySQL. This update reverts most of the changes in MySQL Router to 8.0.31 until a proper fix can be found. We apologize for the inconvenience. Original advisory...

5.5 AI score
Exploits 0, References 1
Rockylinux
added 2022/05/17 6:21 a.m., 13 views

new packages: python-PyMySQL

An update is available for python-PyMySQL. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

2 AI score
Exploits 0
Rockylinux
added 2021/05/18 6:24 a.m., 12 views

new module: python39:3.9

An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-toml, python-urllib3, PyYAML, python-attrs, python-iniconfig, python-requests, modwsgi, python3x-pip, python-py, python-chardet, python-pluggy, Cython, python-psutil,...

0.2 AI score
Exploits 0
Rockylinux
added 2020/04/28 8:55 a.m., 25 views

python27:2.7 security, bug fix, and enhancement update

An update is available for python-pymongo, python2-rpm-macros, python-docutils, pytest, python-psycopg2, python-PyMySQL, python-lxml, PyYAML, python-pytest-mock, python-attrs, python-jinja2, python-docs, python-requests, python-mock, python-ipaddress, python-funcsigs, python-py, python-chardet,...

9.8 CVSS, 7.6 AI score, 0.02456 EPSS
Exploits 5
Rockylinux
added 2019/11/05 5:33 p.m., 15 views

python36:3.6 bug fix and enhancement update

An update is available for python-pymongo, python-docutils, python-pygments, python-PyMySQL, python-docs, python36, python-virtualenv, python-distro, python-nose, python-wheel, scipy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

1.8 AI score
Exploits 0
Rockylinux
added 2019/09/10 3:32 p.m., 12 views

python27:2.7 bug fix update

An update is available for python2-rpm-macros, python-docutils, pytest, python-psycopg2, python-PyMySQL, python-lxml, PyYAML, python-pytest-mock, python-attrs, python-jinja2, python-mock, python-ipaddress, python-funcsigs, python-py, python-chardet, python-markupsafe, python-pluggy,...

0.4 AI score
Exploits 0
Rockylinux
added 2019/09/10 3:32 p.m., 13 views

python36:3.6 bug fix update

An update is available for python-docutils, python-pygments, python-PyMySQL, python-docs, python36, python-nose. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

0.5 AI score
Exploits 0
Veracode
added 2019/08/15 12:8 a.m., 20 views

Denial Of Service (DoS)

mysql is vulnerable to denial of service. An easy to exploit vulnerability allows a high privileged attacker to crash the server...

4.9 CVSS, 3.9 AI score, 0.00421 EPSS
Exploits 0, References 7, Affected Software 1