VYPR

rpm package

suse/python-SQLAlchemy&distro=SUSE OpenStack Cloud 7

pkg:rpm/suse/python-SQLAlchemy&distro=SUSE%20OpenStack%20Cloud%207

Vulnerabilities (2)

  • CVE-2019-7164Feb 20, 2019
    affected < 1.0.14-4.3.1fixed 1.0.14-4.3.1

    SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

  • CVE-2019-7548Feb 6, 2019
    affected < 1.0.14-4.3.1fixed 1.0.14-4.3.1

    SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.