Redhat » Enterprise Linux Eus » 8.1 : Security Vulnerabilities, CVEs, Published In 2019 (Sql injection)
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
Max CVSS
7.8
EPSS Score
0.18%
Published
2019-02-06
Updated
2021-11-30
SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.
Max CVSS
9.8
EPSS Score
1.35%
Published
2019-02-20
Updated
2021-12-03
2 vulnerabilities found