Security

Headline

CVE-2019-7164: fully deprecate textual coercion in where(), filter(), order_by(), add docnotes not to pass untrusted input to these · Issue #4481 · sqlalchemy/sqlalchemy

SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

