4 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46374
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4.2.0, in deployments where untruste...
CVE-2026-46373 SQLFluff: Recursive Stack Overflow in Parser
SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4.1.0, in deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious query with deliberate excessive nesting to any...
CVE-2023-36830
SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the librarypath config value to allow arbitrary python code to be executed via macros. For many users wh...
alvin-cli (>=0.0.1a0 <=1.2.0rc18), cumulus-library (>=0.1.2 <=1.4.0) +15 more potentially affected by CVE-2023-36830 via sqlfluff (>=0.11.2 <=2.1.1)
sqlfluff PYPI version =0.11.2, =0.0.1a0, =0.1.2, =0.1.2, =0.19.1a7, =0.9.3, =0.1.0, =0.1.0, =0.1.5, =0.1.0, =0.3.0a0, =0.13.2.6, =1.0.2, =0.8.0, =0.0.0, =1.2.1, =2.1.1 and more Source cves: CVE-2023-36830 Source advisory: OSV:PYSEC-2023-111...