35 matches found
EUVD-2024-3604
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-9774
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in python-sql where unary operators do not escape non-Expression. CVE-2024-9774 Note that Nessus relies on the presence of the package...
Fedora: Security Advisory (FEDORA-2024-1a2f1733ad)
The remote host is missing an update for the...
openSUSE Security Advisory (openSUSE-SU-2024:0413-1)
The remote host is missing an update for the...
SQL Injection
python-sql is vulnerable to SQL Injection. The vulnerability is due to insufficient input sanitization and improper handling of unary operators in the python-sql library. Specifically, non-Expression values are not properly escaped, allowing them to be inserted into SQL queries without proper...
python-sql SQL injection vulnerability
A vulnerability was found in python-sql where unary operators do not escape non-Expression like And and Or which makes any system exposing those vulnerable to an SQL injection attack...
pavo-cristatus (>=0.4.1.0 <=0.5.7.0) potentially affected by CVE-2024-9774 via python-sql (=1.1.0)
python-sql PyPI version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on python-sql and may be impacted: pavo-cristatus >=0.4.1.0, <=0.5.7.0. Source CVEs: CVE-2024-9774. Source advisory: OSV:GHSA-PQ9P-PC3P-9HM4...
GHSA-PQ9P-PC3P-9HM4 python-sql SQL injection vulnerability
A vulnerability was found in python-sql where unary operators do not escape non-Expression like And and Or which makes any system exposing those vulnerable to an SQL injection attack...
SQL Injection
Overview: python-sql is a library to write SQL queries. Affected versions of this package are vulnerable to SQL Injection due to improper escape of non-Expression for unary operators. Remediation: Upgrade python-sql to version 1.5.2 or higher. References: Commit, Issue, Security Release. Credit:...
pavo-cristatus (>=0.4.1.0 <=0.5.7.0) potentially affected by CVE-2024-9774 via python-sql (=1.1.0)
python-sql PyPI version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on python-sql and may be impacted: pavo-cristatus >=0.4.1.0, <=0.5.7.0. Source CVEs: CVE-2024-9774. Source advisory: SNYK:PYTHON-PYTHONSQL-8551198...
CVE-2024-9774
A vulnerability was found in python-sql where unary operators do not escape non-Expression...
CVE-2024-9774
A vulnerability was found in python-sql where unary operators do not escape non-Expression...
DEBIAN-CVE-2024-9774
A vulnerability was found in python-sql where unary operators do not escape non-Expression...
UBUNTU-CVE-2024-9774
A vulnerability was found in python-sql where unary operators do not escape non-Expression...
CVE-2024-9774 Python-sql: python-sql unary operators does not escape non-expression
A vulnerability was found in python-sql where unary operators do not escape non-Expression...
CVE-2024-9774
CVE-2024-9774 affects the Python-sql library where unary operators do not escape non-Expression. Public sources reference a fix in version 1.5.2 (Fedora/openSUSE advisories), with advisories noting updated packages to address the issue. The CVE entry lists CVSSv3 metrics (base score 6.5, MEDIUM) ...
CVE-2024-9774 Python-sql: python-sql unary operators does not escape non-expression
A vulnerability was found in python-sql where unary operators do not escape non-Expression...
CVE-2024-9774
A vulnerability was found in python-sql where unary operators do not escape non-Expression...
[SECURITY] Fedora 41 Update: python-sql-1.5.2-3.fc41
python-sql is a library to write SQL queries in a pythonic way...
Fedora 41 : python-sql (2024-1a2f1733ad)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-1a2f1733ad advisory: "update to 1.5.2". Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...