VYPR

rpm package

opensuse/python-sqlparse&distro=openSUSE Leap 15.5

pkg:rpm/opensuse/python-sqlparse&distro=openSUSE%20Leap%2015.5

Vulnerabilities (2)

  • CVE-2024-4340HigApr 30, 2024
    affected < 0.4.4-150400.6.7.1fixed 0.4.4-150400.6.7.1

    Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.

  • CVE-2023-30608Apr 18, 2023
    affected < 0.4.4-150400.6.4.2fixed 0.4.4-150400.6.4.2

    sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of