Showing 1 - 2 of 2

CVE-2019-7164

Status Candidate

Overview

SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

Red Hat Security Advisory 2019-0984-01: Posted May 7, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-0984-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. SQLAlchemy is an Object Relational Mapper that provides a flexible, high-level interface to SQL databases. Issues addressed include a remote SQL injection vulnerability.; tags | advisory, remote, sql injection, python; systems | linux, redhat; advisories | CVE-2019-7164, CVE-2019-7548; SHA-256 | 78f2b0c17e9dfc47d517a9849cf864e7723b0120abb46f94062ed215b7d60bfb; Download | Favorite | View

Red Hat Security Advisory 2019-0981-01: Posted May 7, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-0981-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. SQLAlchemy is an Object Relational Mapper that provides a flexible, high-level interface to SQL databases. Issues addressed include information leakage and remote SQL injection vulnerabilities.; tags | advisory, remote, vulnerability, sql injection, python; systems | linux, redhat; advisories | CVE-2019-7164, CVE-2019-7548, CVE-2019-9636; SHA-256 | ddd1cf03a956d8089cb1ded5cc4cd8ddf02a950d7aec570e495b738d17e1b2c9; Download | Favorite | View

Page 1 of 1 Back 1 Next