Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2019-7548
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
| Software | From | Fixed in |
|---|---|---|
| sqlalchemy / sqlalchemy | 1.2.17 | 1.2.17.x |
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 9.0 | 9.0.x |
| opensuse / leap | 15.0 | 15.0.x |
| opensuse / leap | 15.1 | 15.1.x |
| opensuse / backports_sle | 15.0 | 15.0.x |
| redhat / enterprise_linux_eus | 8.1 | 8.1.x |
| redhat / enterprise_linux_eus | 8.2 | 8.2.x |
| redhat / enterprise_linux_server_tus | 8.2 | 8.2.x |
| redhat / enterprise_linux_server_aus | 8.2 | 8.2.x |
| redhat / enterprise_linux | 8.0 | 8.0.x |
| redhat / enterprise_linux_server_tus | 8.4 | 8.4.x |
| redhat / enterprise_linux_eus | 8.4 | 8.4.x |
| redhat / enterprise_linux_server_aus | 8.4 | 8.4.x |
| oracle / communications_operations_monitor | 4.2 | 4.2.x |
| oracle / communications_operations_monitor | 4.3 | 4.3.x |
SQLAlchemy
|
- | 1.3.0 |
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00087.html
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00016.html
- https://access.redhat.com/errata/RHSA-2019:0981
- https://access.redhat.com/errata/RHSA-2019:0984
- https://github.com/no-security/sqlalchemy_test
- https://github.com/sqlalchemy/sqlalchemy/issues/4481#issuecomment-461204518
- https://lists.debian.org/debian-lts-announce/2019/03/msg00020.html
- https://lists.debian.org/debian-lts-announce/2021/11/msg00005.html
- https://www.oracle.com/security-alerts/cpujan2021.html