Critical severityOSV Advisory· Published Feb 6, 2019· Updated Aug 4, 2024
CVE-2019-7548
CVE-2019-7548
Description
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
SQLAlchemy 1.2.17 is vulnerable to SQL injection via the group_by parameter when user-controlled input is passed unsanitized.
Vulnerability
SQLAlchemy version 1.2.17 contains a SQL injection vulnerability in the group_by parameter. The issue arises when an application passes user-controlled input directly to the group_by() method without proper sanitization or parameterization. The vulnerable code path is reachable when the group_by argument is built from untrusted data, allowing an attacker to inject arbitrary SQL clauses. The affected versions include SQLAlchemy 1.2.17 and possibly earlier releases, as referenced in multiple advisories [1][2][3][4].
Exploitation
An attacker needs the ability to supply or influence the value of the group_by parameter in a SQLAlchemy query. No authentication is required if the application exposes a query interface to unauthenticated users. The concrete sequence involves crafting a malicious group_by string that includes SQL injection payloads, which then becomes part of the generated SQL statement. No special network position is required beyond normal web access to the vulnerable application [3][4].
Impact
Successful exploitation allows an attacker to execute arbitrary SQL commands against the database. This can lead to unauthorized data disclosure, modification, or deletion, and in some contexts, compromise of the database server. The impact is limited to the privileges of the database user configured for the SQLAlchemy connection [3][4].
Mitigation
The fix was released in SQLAlchemy 1.2.18 and later. Users should upgrade to version 1.2.18 or newer. Red Hat also provided updated packages (e.g., python-sqlalchemy-1.3.2-1.module+el8.0.0+2975+e0f02136) as part of RHSA-2019:0981 and RHSA-2019:0984 [1][2]. If upgrading is not immediately possible, applications should sanitize or validate any user-supplied input before passing it to the group_by method [3][4].
References
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
SQLAlchemyPyPI | < 1.2.19 | 1.2.19 |
Affected products
154- Range: origin, rel_0_1_0, rel_0_1_1, …
- ghsa-coords153 versionspkg:pypi/sqlalchemypkg:rpm/almalinux/python2-attrspkg:rpm/almalinux/python2-chardetpkg:rpm/almalinux/python2-coveragepkg:rpm/almalinux/python2-Cythonpkg:rpm/almalinux/python2-docutilspkg:rpm/almalinux/python2-funcsigspkg:rpm/almalinux/python2-idnapkg:rpm/almalinux/python2-ipaddresspkg:rpm/almalinux/python2-markupsafepkg:rpm/almalinux/python2-mockpkg:rpm/almalinux/python2-pluggypkg:rpm/almalinux/python2-psycopg2pkg:rpm/almalinux/python2-psycopg2-debugpkg:rpm/almalinux/python2-psycopg2-testspkg:rpm/almalinux/python2-pypkg:rpm/almalinux/python2-PyMySQLpkg:rpm/almalinux/python2-pysockspkg:rpm/almalinux/python2-pytestpkg:rpm/almalinux/python2-pytest-mockpkg:rpm/almalinux/python2-pytzpkg:rpm/almalinux/python2-pyyamlpkg:rpm/almalinux/python2-rpm-macrospkg:rpm/almalinux/python2-setuptools_scmpkg:rpm/almalinux/python3-docspkg:rpm/almalinux/python3-docutilspkg:rpm/almalinux/python-psycopg2-docpkg:rpm/opensuse/python-SQLAlchemy&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/python-SQLAlchemy&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/ardana-ansible&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-barbican&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-cinder&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-cluster&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-cobbler&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-db&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-designate&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-extensions-nsx&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-glance&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-horizon&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-input-model&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-installer-ui&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-ironic&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-logging&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-magnum&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-monasca&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-mq&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-octavia&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-opsconsole&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-opsconsole-ui&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-osconfig&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-service&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-ses&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-swift&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-tempest&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/crowbar-core&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/crowbar-ha&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/crowbar-openstack&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/crowbar-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-ceilometer&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-ceilometer&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-cinder&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-cinder&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-designate&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-designate&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-heat&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-horizon-plugin-neutron-fwaas-ui&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-horizon-plugin-neutron-fwaas-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-horizon-plugin-neutron-lbaas-ui&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-horizon-plugin-neutron-lbaas-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-horizon-plugin-neutron-vpnaas-ui&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-horizon-plugin-neutron-vpnaas-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-ironic&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-ironic&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-ironic-python-agent&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-ironic-python-agent&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-keystone&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-magnum&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-magnum&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-manila&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-manila&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-notification&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-monasca-notification&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-persister&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-monasca-persister&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-persister-java&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-monasca-persister-java&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-neutron-gbp&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-neutron-gbp&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-neutron-lbaas&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-neutron-lbaas&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-octavia&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-octavia&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-tempest&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-tempest&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-ardana-configurationprocessor&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-cinder-tempest-plugin&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-cinder-tempest-plugin&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-ironicclient&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-ironicclient&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-keystonemiddleware&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-keystonemiddleware&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-monasca-tempest-plugin&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-monasca-tempest-plugin&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-openstackclient&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-openstackclient&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-openstacksdk&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-openstacksdk&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-proliantutils&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-proliantutils&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-python-engineio&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-SQLAlchemy&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-SQLAlchemy&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/python-SQLAlchemy&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/python-SQLAlchemy&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP1pkg:rpm/suse/python-SQLAlchemy&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-SQLAlchemy&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-SQLAlchemy&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-SQLAlchemy&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-SQLAlchemy&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-SQLAlchemy&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/python-swiftlm&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-vmware-nsx&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-vmware-nsx&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-vmware-nsxlib&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-vmware-nsxlib&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/venv-openstack-barbican&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-cinder&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-glance&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-horizon&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-ironic&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-manila&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-monasca&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-swift&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/yast2-crowbar&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 1.2.19+ 152 more
- (no CPE)range: < 1.2.19
- (no CPE)range: < 17.4.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.0.4-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 4.5.1-4.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.28.1-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.14-12.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0.2-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0.18-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.23-19.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.0.0-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.6.0-8.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.5.3-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.8.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.6.8-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.4.2-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.9.0-4.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2017.2-12.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.12-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3-38.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.15.7-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.6.7-2.module_el8.5.0+2569+5c5719bc
- (no CPE)range: < 0.14-12.module_el8.5.0+2569+5c5719bc
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.2.7-lp150.2.3.1
- (no CPE)range: < 1.2.14-lp151.2.3.1
- (no CPE)range: < 9.0+git.1566374020.301191f-3.7.2
- (no CPE)range: < 9.0+git.1566251498.be02ca4-3.7.2
- (no CPE)range: < 9.0+git.1565678764.c3a9b9f-3.7.2
- (no CPE)range: < 9.0+git.1559333871.40508f7-3.7.2
- (no CPE)range: < 9.0+git.1566336494.93967dd-3.7.2
- (no CPE)range: < 9.0+git.1564409964.b7e4fc3-3.7.2
- (no CPE)range: < 9.0+git.1565680593.df7a432-3.7.2
- (no CPE)range: < 9.0+git.1566213657.69862ab-8.1
- (no CPE)range: < 9.0+git.1566375806.f0b2333-3.7.2
- (no CPE)range: < 9.0+git.1565721273.f44b8d7-3.7.2
- (no CPE)range: < 9.0+git.1565891518.2a545a1-3.7.2
- (no CPE)range: < 9.0+git.1562848565.91e75b2-3.7.2
- (no CPE)range: < 9.0+git.1566255088.3443670-3.7.2
- (no CPE)range: < 9.0+git.1565721987.ddc59c8-3.7.2
- (no CPE)range: < 9.0+git.1565891593.cad6d1a-3.7.2
- (no CPE)range: < 9.0+git.1565761582.2dc823a-3.7.2
- (no CPE)range: < 9.0+git.1565762005.016032a-3.7.2
- (no CPE)range: < 9.0+git.1566332665.ad894c0-3.7.2
- (no CPE)range: < 9.0+git.1565115025.148d092-3.7.2
- (no CPE)range: < 9.0+git.1566251310.3a1e8f9-3.7.2
- (no CPE)range: < 9.0+git.1566332515.e232568-3.7.2
- (no CPE)range: < 9.0+git.1566206502.6c87b41-3.7.2
- (no CPE)range: < 9.0+git.1566251377.b1caeaa-3.7.2
- (no CPE)range: < 9.0+git.1555530925.206f1a8-4.7.2
- (no CPE)range: < 9.0+git.1565764394.545b573-3.7.2
- (no CPE)range: < 9.0+git.1564706915.edd44c4-3.7.2
- (no CPE)range: < 9.0+git.1565962617.523149b-3.7.2
- (no CPE)range: < 9.0+git.1565891872.73fc3c7-3.7.2
- (no CPE)range: < 9.0+git.1566471752.a3c5c9c-3.7.2
- (no CPE)range: < 6.0+git.1566321308.1de18b9a4-3.7.2
- (no CPE)range: < 6.0+git.1566406179.7549de2-3.7.2
- (no CPE)range: < 6.0+git.1566404979.41279a88e-3.7.2
- (no CPE)range: < 1.3.0+git.1563181545.65360af5-8.1
- (no CPE)range: < 11.0.2~dev14-3.7.2
- (no CPE)range: < 11.0.2~dev14-3.7.2
- (no CPE)range: < 13.0.7~dev3-3.7.2
- (no CPE)range: < 13.0.7~dev3-3.7.2
- (no CPE)range: < 7.0.1~dev21-3.7.2
- (no CPE)range: < 7.0.1~dev21-3.7.2
- (no CPE)range: < 11.0.3~dev19-3.7.2
- (no CPE)range: < 11.0.3~dev19-3.7.2
- (no CPE)range: < 1.5.1~dev6-8.1
- (no CPE)range: < 1.5.1~dev6-8.1
- (no CPE)range: < 5.0.1~dev7-8.1
- (no CPE)range: < 5.0.1~dev7-8.1
- (no CPE)range: < 1.4.1~dev7-8.1
- (no CPE)range: < 1.4.1~dev7-8.1
- (no CPE)range: < 11.1.4~dev9-3.7.2
- (no CPE)range: < 11.1.4~dev9-3.7.2
- (no CPE)range: < 3.3.3~dev4-3.7.2
- (no CPE)range: < 3.3.3~dev4-3.7.2
- (no CPE)range: < 14.1.1~dev8-3.7.2
- (no CPE)range: < 14.1.1~dev8-3.7.2
- (no CPE)range: < 7.1.1~dev28-3.7.2
- (no CPE)range: < 7.1.1~dev28-3.7.2
- (no CPE)range: < 7.3.1~dev3-4.7.2
- (no CPE)range: < 7.3.1~dev3-4.7.2
- (no CPE)range: < 1.14.2~dev1-6.7.2
- (no CPE)range: < 1.14.2~dev1-6.7.2
- (no CPE)range: < 1.12.1~dev9-9.1
- (no CPE)range: < 1.12.1~dev9-9.1
- (no CPE)range: < 1.12.1~dev9-9.1
- (no CPE)range: < 1.12.1~dev9-9.1
- (no CPE)range: < 13.0.5~dev22-3.7.2
- (no CPE)range: < 13.0.5~dev22-3.7.2
- (no CPE)range: < 5.0.1~dev459-3.7.2
- (no CPE)range: < 5.0.1~dev459-3.7.2
- (no CPE)range: < 13.0.1~dev14-3.7.2
- (no CPE)range: < 13.0.1~dev14-3.7.2
- (no CPE)range: < 18.2.2~dev9-3.7.2
- (no CPE)range: < 18.2.2~dev9-3.7.2
- (no CPE)range: < 3.1.2~dev8-3.7.2
- (no CPE)range: < 3.1.2~dev8-3.7.2
- (no CPE)range: < 19.0.0-12.1
- (no CPE)range: < 19.0.0-12.1
- (no CPE)range: < 9.0+git.1566405927.c5c03d4-3.8.2
- (no CPE)range: < 0.1.0-8.1
- (no CPE)range: < 0.1.0-8.1
- (no CPE)range: < 2.5.3-4.7.2
- (no CPE)range: < 2.5.3-4.7.2
- (no CPE)range: < 5.2.0-8.1
- (no CPE)range: < 5.2.0-8.1
- (no CPE)range: < 0.3.0-8.1
- (no CPE)range: < 0.3.0-8.1
- (no CPE)range: < 3.16.2-8.1
- (no CPE)range: < 3.16.2-8.1
- (no CPE)range: < 0.17.3-8.1
- (no CPE)range: < 0.17.3-8.1
- (no CPE)range: < 2.8.4-8.1
- (no CPE)range: < 2.8.4-8.1
- (no CPE)range: < 2.0.2-9.1
- (no CPE)range: < 1.1.12-3.5.1
- (no CPE)range: < 1.0.14-4.3.1
- (no CPE)range: < 1.2.14-6.3.1
- (no CPE)range: < 1.2.14-6.3.1
- (no CPE)range: < 1.0.14-4.3.1
- (no CPE)range: < 1.1.12-3.5.1
- (no CPE)range: < 1.2.10-3.3.1
- (no CPE)range: < 1.1.12-3.5.1
- (no CPE)range: < 1.2.10-3.3.1
- (no CPE)range: < 1.2.7-bp150.2.3.1
- (no CPE)range: < 9.0+git.1541434883.e0ebe69-8.1
- (no CPE)range: < 13.0.1~dev146-9.1
- (no CPE)range: < 13.0.1~dev146-9.1
- (no CPE)range: < 13.0.1~dev24-8.1
- (no CPE)range: < 13.0.1~dev24-8.1
- (no CPE)range: < 7.0.1~dev18-3.7.2
- (no CPE)range: < 13.0.7~dev3-3.7.2
- (no CPE)range: < 7.0.1~dev21-3.7.2
- (no CPE)range: < 17.0.1~dev16-3.7.2
- (no CPE)range: < 11.0.3~dev19-3.7.2
- (no CPE)range: < 14.0.4~dev4-4.7.2
- (no CPE)range: < 11.1.4~dev9-4.7.2
- (no CPE)range: < 14.1.1~dev8-3.7.2
- (no CPE)range: < 7.1.1~dev28-4.7.2
- (no CPE)range: < 7.3.1~dev3-3.7.2
- (no CPE)range: < 1.8.2~dev3-3.7.2
- (no CPE)range: < 2.7.1~dev10-3.7.2
- (no CPE)range: < 13.0.5~dev22-6.7.2
- (no CPE)range: < 18.2.2~dev9-3.7.2
- (no CPE)range: < 3.1.2~dev8-4.7.2
- (no CPE)range: < 9.0.2~dev9-3.7.2
- (no CPE)range: < 2.19.2~dev1-2.4.2
- (no CPE)range: < 3.4.2-8.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- lists.opensuse.org/opensuse-security-announce/2019-08/msg00087.htmlghsavendor-advisoryx_refsource_SUSEWEB
- lists.opensuse.org/opensuse-security-announce/2019-09/msg00010.htmlghsavendor-advisoryx_refsource_SUSEWEB
- lists.opensuse.org/opensuse-security-announce/2019-09/msg00016.htmlghsavendor-advisoryx_refsource_SUSEWEB
- access.redhat.com/errata/RHSA-2019:0981ghsavendor-advisoryx_refsource_REDHATWEB
- access.redhat.com/errata/RHSA-2019:0984ghsavendor-advisoryx_refsource_REDHATWEB
- github.com/advisories/GHSA-38fc-9xqv-7f7qghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-7548ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/sqlalchemy/PYSEC-2019-124.yamlghsaWEB
- github.com/sqlalchemy/sqlalchemy/issues/4481ghsax_refsource_MISCWEB
- github.com/sqlalchemy/sqlalchemy/issues/4510ghsaWEB
- lists.debian.org/debian-lts-announce/2019/03/msg00020.htmlghsamailing-listx_refsource_MLISTWEB
- lists.debian.org/debian-lts-announce/2021/11/msg00005.htmlghsamailing-listx_refsource_MLISTWEB
- www.oracle.com/security-alerts/cpujan2021.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.