129 matches found
PT-2024-40393 · Dbt-Core +1 · Dbt-Core +1
Name of the Vulnerable Software and Affected Versions: dbt-core versions 1.6.0 through 1.6.12; dbt-core versions 1.7.0 through 1.7.12. Description: The issue is related to a recursion error in the sqlparse library used by dbt-core. This error can be triggered by parsing a specific SQL query, such a...
Denial Of Service (DoS)
sqlparse is vulnerable to Denial of Service (DoS). The vulnerability is due to a lack of recursion limits, which allows an attacker to pass a heavily nested list to the parse method, resulting in a RecursionError...
GHSA-2M57-HF25-PHGG sqlparse parsing heavily nested list leads to Denial of Service
Summary: Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError. Details + PoC: Running the following code will raise Maximum recursion limit exceeded exception: import sqlparse; sqlparse.parse('[' * 10000 + ']' * 10000) We expect a traceback of RecursionError:...
acryl-datahub-gx-plugin (>=0.14.0.3 <=0.15.0rc15), agnostic (=1.0.3) +469 more potentially affected by CVE-2024-4340 via sqlparse (>=0.1.14 <=0.4.4)
sqlparse PYPI version =0.1.14, =0.14.0.3, =0.2.0, =0.0.1, =0.1.0, =2.0.0, =0.8.0, =0.0.1a0, =2.1.1.3, =1.0.0, =0.1.1, =0.7.11, =0.1.0, =1.7.0 and more Source cves: CVE-2024-4340 Source advisory: OSV:GHSA-2M57-HF25-PHGG...
sqlparse parsing heavily nested list leads to Denial of Service
Summary: Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError. Details + PoC: Running the following code will raise Maximum recursion limit exceeded exception: import sqlparse; sqlparse.parse('[' * 10000 + ']' * 10000) We expect a traceback of RecursionError:...
PT-2024-10474 · Pypi +4 · Sqlparse +4
Name of the Vulnerable Software and Affected Versions: sqlparse (affected versions not specified). Description: The issue is related to the sqlparse.parse function, which can lead to a Denial of Service due to a RecursionError when processing a heavily nested list. This can be exploited by a remote...
sqlparse: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service)
A flaw was found in sqlparse. The SQL parser contains a regular expression vulnerable to a Regular Expression Denial of Service (ReDoS). The vulnerability may lead to a denial of service (DoS)...
Moderate: Red Hat Security Advisory: RHUI 4.5.0 release - Security, Bug Fixes, and Enhancements
An updated version of Red Hat Update Infrastructure (RHUI) is now available. RHUI 4.5 fixes several security and operational bugs and also adds several new features. Red Hat Update Infrastructure (RHUI) offers a highly scalable, highly redundant framework that enables you to manage repositories and...
sqlparse: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service)
A flaw was found in sqlparse. The SQL parser contains a regular expression vulnerable to a Regular Expression Denial of Service (ReDoS). The vulnerability may lead to a denial of service (DoS)...
SUSE-SU-2023:2787-1 Security update for python-sqlparse
This update for python-sqlparse fixes the following issues: - CVE-2023-30608: Fixed a regular expression that is vulnerable to ReDOS (bsc1210617)...
SUSE-SU-2023:2693-1 Security update for python-sqlparse
This update for python-sqlparse fixes the following issues: - CVE-2023-30608: Fixed a regular expression that is vulnerable to ReDOS (bsc1210617)...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-sqlparse (SUSE-SU-2023:2619-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2619-1 advisory. - sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains...
SUSE-SU-2023:2619-1 Security update for python-sqlparse
This update for python-sqlparse fixes the following issues: - CVE-2023-30608: Fixed a Regular Expression Denial of Service (ReDOS) vulnerability (bsc1210617)...
ROS-20230620-05
A vulnerability in the formatting functionality of the SQL parser module for Python Sqlparse is related to a regular expression that is vulnerable to reuse. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
SUSE SLED15 / SLES15 Security Update : python-sqlparse (SUSE-SU-2023:2462-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2462-1 advisory. - sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular...
SUSE-SU-2023:2462-1 Security update for python-sqlparse
This update for python-sqlparse fixes the following issues: - CVE-2023-30608: Fixed a Regular Expression Denial of Service (ReDOS) vulnerability (bsc1210617)...
Mageia: Security Advisory (MGASA-2023-0183)
The remote host is missing an update for the...
Updated python-sqlparse packages fix security vulnerability
ReDoS (Regular Expression Denial of Service) (CVE-2023-30608)...
MGASA-2023-0183 Updated python-sqlparse packages fix security vulnerability
ReDoS (Regular Expression Denial of Service) (CVE-2023-30608)...
Debian: Security Advisory (DLA-3425-1)
The remote host is missing an update for the Debian...