rpm package
opensuse/python-sqlparse&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/python-sqlparse&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-2430 | — | < 0.5.0-1.1 | 0.5.0-1.1 | Jul 12, 2024 | The Website Content in Page or Post WordPress plugin before 2024.04.09 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Sto | ||
| CVE-2023-30608 | — | < 0.4.4-1.1 | 0.4.4-1.1 | Apr 18, 2023 | sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of | ||
| CVE-2021-32839 | — | < 0.4.2-1.1 | 0.4.2-1.1 | Sep 20, 2021 | sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of Service in sqlparse vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in |
- CVE-2024-2430Jul 12, 2024affected < 0.5.0-1.1fixed 0.5.0-1.1
The Website Content in Page or Post WordPress plugin before 2024.04.09 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Sto
- CVE-2023-30608Apr 18, 2023affected < 0.4.4-1.1fixed 0.4.4-1.1
sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of
- CVE-2021-32839Sep 20, 2021affected < 0.4.2-1.1fixed 0.4.2-1.1
sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of Service in sqlparse vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in