Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-36830

Опубликовано: 06 июл. 2023
Источник: nvd
CVSS3: 6.3
CVSS3: 7.8
EPSS Низкий

Описание

SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the library_path config value to allow arbitrary python code to be executed via macros. For many users who use SQLFluff in the context of an environment where all users already have fairly escalated privileges, this may not be an issue - however in larger user bases, or where SQLFluff is bundled into another tool where developers still wish to give users access to supply their on rule configuration, this may be an issue.

The 2.1.2 release offers the ability for the library_path argument to be overwritten on the command line by using the --library-path option. This overrides any values provided in the config files and effectively prevents this route of attack for users which have access to the config file, but not to the scripts which call the SQLFluff CLI directly. A similar option is prov

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:sqlfluff:sqlfluff:*:*:*:*:*:*:*:*
Версия до 2.1.2 (исключая)

EPSS

Процентиль: 34%
0.00138
Низкий

6.3 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-74

Связанные уязвимости

ubuntu логотип

CVE-2023-36830

CVSS3: 6.3
ubuntu
больше 2 лет назад

SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the `library_path` config value to allow arbitrary python code to be executed via macros. For many users who use SQLFluff in the context of an environment where all users already have fairly escalated privileges, this may not be an issue - however in larger user bases, or where SQLFluff is bundled into another tool where developers still wish to give users access to supply their on rule configuration, this may be an issue. The 2.1.2 release offers the ability for the `library_path` argument to be overwritten on the command line by using the `--library-path` option. This overrides any values provided in the config files and effectively prevents this route of attack for users which have access to the config file, but not to the scripts which call the SQLFluff CLI directly. A similar option is pr...

debian логотип

CVE-2023-36830

CVSS3: 6.3
debian
больше 2 лет назад

SQLFluff is a SQL linter. Prior to version 2.1.2, in environments wher ...

github логотип

GHSA-jqhc-m2j3-fjrx

CVSS3: 6.3
github
больше 2 лет назад

SQLFluff users with access to config file, using `libary_path` may call arbitrary python code

EPSS

Процентиль: 34%
0.00138
Низкий

6.3 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-74