129 matches found
SUSE-SU-2024:1767-1 Security update for python-sqlparse
This update for python-sqlparse fixes the following issues: - CVE-2024-4340: Catch RecursionError to avoid a denial of service. bsc1223603...
Mageia: Security Advisory (MGASA-2024-0185)
The remote host is missing an update for the...
Updated python-sqlparse packages fix security vulnerability
Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError...
MGASA-2024-0185 Updated python-sqlparse packages fix security vulnerability
Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError...
OESA-2024-1603 python-sqlparse security update
sqlparse is a non-validating SQL parser module. It provides support for parsing, splitting and formatting SQL statements. Security Fixes: Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError. CVE-2024-4340...
SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for google-cloud SDK (SUSE-SU-SUSE-RU-2024:1637-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2024:1637-1 advisory. - sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser...
Ubuntu: Security Advisory (USN-6771-1)
The remote host is missing an update for the...
USN-6771-1 sqlparse vulnerability
It was discovered that SQL parse incorrectly handled certain nested lists. An attacker could possibly use this issue to cause a denial of service...
Ubuntu 22.04 LTS / 23.10 / 24.04 LTS : SQL parse vulnerability (USN-6771-1)
The remote Ubuntu 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6771-1 advisory. It was discovered that SQL parse incorrectly handled certain nested lists. An attacker could possibly use this issue to cause a denial of...
OESA-2024-1533 python-sqlparse security update
sqlparse is a non-validating SQL parser module. It provides support for parsing, splitting and formatting SQL statements. Security Fixes: Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError. CVE-2024-4340...
SUSE CVE-2024-4340
Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError...
CVE-2024-4340
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...
GHSA-62QF-JCQ8-8GXW Duplicate Advisory: sqlparse parsing heavily nested list leads to Denial of Service
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2m57-hf25-phgg. This link is maintained to preserve external references. Original Description Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError...
DEBIAN-CVE-2024-4340
Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError...
UBUNTU-CVE-2024-4340
Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError...
CVE-2024-4340
CVE-2024-4340 is a denial-of-service vulnerability in the Python sqlparse library, caused by passing a heavily nested list to sqlparse.parse() which can trigger a RecursionError. Public documentation in the connected items confirms widespread impact across products that bundle sqlparse (e.g., IBM...
sqlparse security vulnerability
sqlparse is Python's non-validating SQL parser. It provides support for parsing, splitting, and formatting SQL statements. A security vulnerability exists in sqlparse that stems from an application passing a nested list to sqlparse.parse, resulting in a denial of service...
RHEL 8 : RHUI 4.5.0 - Security, Bug Fixes, and Enhancements (Moderate) (RHSA-2023:4591)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4591 advisory. Red Hat Update Infrastructure RHUI offers a highly scalable, highly redundant framework that enables you to manage repositories and content...
dbt uses a SQLparse version with a high vulnerability
Summary Using a version of sqlparse that has a security vulnerability and no way to update in current version of dbt core. Snyk recommends using sqlparse==0.5 but this causes a conflict with dbt. Snyk states the issue is a recursion error: SNYK-PYTHON-SQLPARSE-6615674. Details Dependency conflic...
GHSA-P72Q-H37J-3HQ7 dbt uses a SQLparse version with a high vulnerability
Summary Using a version of sqlparse that has a security vulnerability and no way to update in current version of dbt core. Snyk recommends using sqlparse==0.5 but this causes a conflict with dbt. Snyk states the issue is a recursion error: SNYK-PYTHON-SQLPARSE-6615674. Details Dependency conflic...