VYPR

PyPI package

duckdb

pkg:pypi/duckdb

Vulnerabilities (1)

  • CVE-2024-41672Jul 24, 2024
    affected >= 1.0.0, < 1.1.0fixed 1.1.0

    DuckDB is a SQL database management system. In versions 1.0.0 and prior, content in filesystem is accessible for reading using `sniff_csv`, even with `enable_external_access=false`. This vulnerability provides an attacker with access to filesystem even when access is expected to