VYPR

rpm package

suse/python-SQLAlchemy&distro=HPE Helion OpenStack 8

pkg:rpm/suse/python-SQLAlchemy&distro=HPE%20Helion%20OpenStack%208

Vulnerabilities (2)

  • CVE-2019-7164Feb 20, 2019
    affected < 1.1.12-3.5.1fixed 1.1.12-3.5.1

    SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

  • CVE-2019-7548Feb 6, 2019
    affected < 1.1.12-3.5.1fixed 1.1.12-3.5.1

    SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.