16 matches found
acryl-datahub-gx-plugin (>=0.14.0.3 <=0.15.0rc15), agnostic (=1.0.3) +547 more potentially affected by CVE-2024-4340 via sqlparse (>=0.1.14 <=0.5.3)
sqlparse PYPI version =0.1.14, =0.14.0.3, =0.2.0, =0.0.1, =0.1.0, =2.0.0, =0.8.0, =0.0.1a0, =0.0.36, =2.1.1.3, =1.0.0, =1.0.2 and more Source cves: CVE-2024-4340 Source advisory: SNYK:PYTHON-SQLPARSE-14157217...
EUVD-2021-0250
Malware in sbrugna...
TencentOS Server 4: python-sqlparse (TSSA-2024:0917)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0917 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to sqlparse-0.4.4-py3-none-any.whl CVE-2024-4340
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to sqlparse-0.4.4-py3-none-any.whl CVE-2024-4340. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-4340 DESCRIPTION: sqlparse is vulnerable to a denial of service,...
Security Bulletin: sqlparse Vulnerability Affects IBM Data Observability by Databand Self-Hosted (CVE-2024-4340)
Summary A vulnerability in sqlparse was addressed in IBM Data Observability by Databand Self-Hosted Vulnerability Details CVEID:CVE-2024-4340 DESCRIPTION: sqlparse is vulnerable to a denial of service, caused by a flaw when passing a heavily nested list to the parse function. By sending a special...
RHEL 8 : RHOSP 17.1.4 (python-sqlparse) (RHSA-2024:9986)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9986 advisory. sqlparse is a tool for parsing SQL strings Security Fixes: parsing heavily nested list leads to denial of service CVE-2024-4340 For more details abou...
sqlparse security vulnerability
sqlparse is Python's non-validating SQL parser. It provides support for parsing, splitting, and formatting SQL statements. A security vulnerability exists in sqlparse that stems from an application passing a nested list to sqlparse.parse, resulting in a denial of service...
dbt uses a SQLparse version with a high vulnerability
Summary Using a version of sqlparse that has a security vulnerability and no way to update in current version of dbt core. Snyk recommends using sqlparse==0.5 but this causes a conflict with dbt. Snyk states the issue is a recursion error: SNYK-PYTHON-SQLPARSE-6615674. Details Dependency conflic...
GHSA-P72Q-H37J-3HQ7 dbt uses a SQLparse version with a high vulnerability
Summary Using a version of sqlparse that has a security vulnerability and no way to update in current version of dbt core. Snyk recommends using sqlparse==0.5 but this causes a conflict with dbt. Snyk states the issue is a recursion error: SNYK-PYTHON-SQLPARSE-6615674. Details Dependency conflic...
acryl-datahub-gx-plugin (>=0.14.0.3 <=0.15.0rc15), agnostic (=1.0.3) +469 more potentially affected by CVE-2024-4340 via sqlparse (>=0.1.14 <=0.4.4)
sqlparse PYPI version =0.1.14, =0.14.0.3, =0.2.0, =0.0.1, =0.1.0, =2.0.0, =0.8.0, =0.0.1a0, =2.1.1.3, =1.0.0, =0.1.1, =0.7.11, =0.1.0, =1.7.0 and more Source cves: CVE-2024-4340 Source advisory: OSV:GHSA-2M57-HF25-PHGG...
SUSE-SU-2023:2619-1 Security update for python-sqlparse
This update for python-sqlparse fixes the following issues: - CVE-2023-30608: Fixed a Regular Expression Denial of Service ReDOS vulnerability bsc1210617...
agnostic (=1.0.3), airflow-dbt-python (>=0.2.0 <=0.14.3) +264 more potentially affected by CVE-2023-30608 via sqlparse (>=0.2.1 <=0.4.3)
sqlparse PYPI version =0.2.1, =0.2.0, =0.8.0, =1.0.0, =0.1.1, =0.7.11, =0.1.0, =0.1.2, =0.0.44, =0.1.0, =0.1.0, =0.5.1 and more Source cves: CVE-2023-30608 Source advisory: OSV:GHSA-RRM6-WVJ7-CWH2...
agnostic (=1.0.3), airflow-dbt-python (>=0.2.0 <=0.14.3) +264 more potentially affected by CVE-2023-30608 via sqlparse (>=0.2.1 <=0.4.3)
sqlparse PYPI version =0.2.1, =0.2.0, =0.8.0, =1.0.0, =0.1.1, =0.7.11, =0.1.0, =0.1.2, =0.0.44, =0.1.0, =0.1.0, =0.5.1 and more Source cves: CVE-2023-30608 Source advisory: OSV:PYSEC-2023-87...
UBUNTU-CVE-2023-30608
sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS Regular Expression Denial of Service. This issue was introduced by commit e75e358. The vulnerability may lead to Denial of Service DoS. This...
CVE-2023-30608 Parser contains an inefficient regular expression in sqlparse
sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS Regular Expression Denial of Service. This issue was introduced by commit e75e358. The vulnerability may lead to Denial of Service DoS. This...
sqlparse security vulnerability
sqlparse is Python's non-validating SQL parser. It provides support for parsing, splitting and formatting SQL statements. A security vulnerability exists in sqlparse version 0.1.15 and later. An attacker could exploit this vulnerability to cause a denial of service...