VYPR
Vendor

Fluffington

Products
2
CVEs
5
Across products
5
Status
Private

Products

2

Recent CVEs

5
  • CVE-2026-46374HigJun 9, 2026
    risk 0.42cvss 7.5epss 0.00

    SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4.2.0, in deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious long query to any application…

  • CVE-2026-46373HigJun 9, 2026
    risk 0.42cvss 7.5epss 0.00

    SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4.1.0, in deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious query with deliberate excessive…

  • CVE-2023-36830Jul 6, 2023
    risk 0.00cvss epss 0.00

    SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the `library_path` config value to allow arbitrary python code to be executed via…

  • CVE-2014-4530Jan 10, 2020
    risk 0.00cvss epss 0.01

    flog plugin 0.1 for WordPress has XSS

  • CVE-2006-0352Jan 21, 2006
    risk 0.00cvss epss 0.01

    The default configuration of Fluffington FLog 1.01 installs users.0.dat under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (login credentials) via a direct request. NOTE: It was later reported that…