CVE-2023-30608
CVE-2023-30608 affects the Python package sqlparse (a non-validating SQL parser module). A vulnerable regular expression in the parser can cause Regular Expression Denial of Service (ReDoS), leading to DoS conditions. The issue was introduced by commit e75e358 and is fixed in sqlparse 0.4.4 via comm...
CVE-2021-32839
CVE-2021-32839 affects the Python package sqlparse. The vulnerability is a ReDoS in the StripComments regex used by the formatting path for removing comments, causing exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments in versions 0.4.0 and 0.4.1. The issue ...