CVE-2021-32839 Regular Expression Denial of Service in sqlparse
sqlparse is a non-validating SQL parser module for Python. sqlparse versions 0.4.0 and 0.4.1 contain a Regular Expression Denial of Service (ReDoS) vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments. On...
CVE-2021-32839
CVE-2021-32839 affects the Python package sqlparse. The vulnerability is a ReDoS in the StripComments regex used by the formatting path for removing comments, causing exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments in versions 0.4.0 and 0.4.1. The issue ...
CVE-2021-32839
sqlparse is a non-validating SQL parser module for Python. sqlparse versions 0.4.0 and 0.4.1 contain a Regular Expression Denial of Service (ReDoS) vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments. On...
CVE-2021-32839
sqlparse is a non-validating SQL parser module for Python. sqlparse versions 0.4.0 and 0.4.1 contain a Regular Expression Denial of Service (ReDoS) vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments. On...
sqlparse Resource Management Error Vulnerability
sqlparse is Python's non-validating SQL parser. It provides support for parsing, splitting and formatting SQL statements. A resource management error vulnerability in sqlparse versions 0.4.0 and 0.4.1 allows attackers to conduct ReDoS (Regular Expression Denial of Service) attacks...
citrinedjangomodule (=1.0.0), cligo (>=1.0.0 <=1.2.1) +24 more potentially affected by CVE-2021-32839 via sqlparse (>=0.4.0 <=0.4.1)
sqlparse PYPI version =0.4.0, =1.0.0, =4.15.0, =1.0.9, =0.0.1, =0.2.0, =0.0.1, =0.14.2, =0.0.6, =0.0.10, =0.0.204 and more Source cves: CVE-2021-32839 Source advisory: OSV:GHSA-P5W8-WQHJ-9HHF...
GHSA-P5W8-WQHJ-9HHF StripComments filter contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service)
Impact: The formatter function that strips comments from SQL contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments. Patches: The...
StripComments filter contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service)
Impact: The formatter function that strips comments from SQL contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments. Patches: The...
PT-2021-6509 · Pypi +4 · Sqlparse +4
Name of the Vulnerable Software and Affected Versions: sqlparse versions 0.4.0 through 0.4.1. Description: The issue is related to a Regular Expression Denial of Service (ReDoS) in the sqlparse module for Python. The regular expression may cause exponential backtracking on strings containing many...