VYPR

Sqlparse

by Andialbrecht

pypi: sqlparse

Source repositories

CVEs (3)

  • CVE-2024-4340HigApr 30, 2024
    risk 0.42cvss 7.5epss 0.03

    Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.

  • CVE-2023-30608Apr 18, 2023
    risk 0.00cvss epss 0.01

    sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of…

  • CVE-2021-32839Sep 20, 2021
    risk 0.00cvss epss 0.02

    sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of Service in sqlparse vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n'…