VYPR

PyPI package

sqlfluff

pkg:pypi/sqlfluff

Vulnerabilities (1)

  • CVE-2023-36830Jul 6, 2023
    affected < 2.1.2fixed 2.1.2

    SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the `library_path` config value to allow arbitrary python code to be executed via macro