rpm package
suse/python-sqlparse&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP4
pkg:rpm/suse/python-sqlparse&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-4340 | Hig | 7.5 | < 0.4.4-150400.6.7.1 | 0.4.4-150400.6.7.1 | Apr 30, 2024 | Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. | |
| CVE-2023-30608 | — | < 0.4.4-150400.6.4.2 | 0.4.4-150400.6.4.2 | Apr 18, 2023 | sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of |
- affected < 0.4.4-150400.6.7.1fixed 0.4.4-150400.6.7.1
Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.
- CVE-2023-30608Apr 18, 2023affected < 0.4.4-150400.6.4.2fixed 0.4.4-150400.6.4.2
sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of