Описание
Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse(), where a recursion error may be triggered, which can lead to a denial of service.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 4 | python-sqlparse | Will not fix | ||
| Red Hat OpenStack Platform 16.1 | python-sqlparse | Not affected | ||
| Red Hat OpenStack Platform 16.2 | python-sqlparse | Not affected | ||
| Red Hat OpenStack Platform 18.0 | python-sqlparse | Affected | ||
| Red Hat Satellite 6 | python-sqlparse | Affected | ||
| Red Hat Ansible Automation Platform 2.4 for RHEL 8 | python3x-sqlparse | Fixed | RHSA-2024:3781 | 10.06.2024 |
| Red Hat Ansible Automation Platform 2.4 for RHEL 9 | python-sqlparse | Fixed | RHSA-2024:3781 | 10.06.2024 |
| Red Hat OpenStack Platform 17.1 for RHEL 8 | python-sqlparse | Fixed | RHSA-2024:9986 | 21.11.2024 |
| Red Hat OpenStack Platform 17.1 for RHEL 9 | python-sqlparse | Fixed | RHSA-2024:9984 | 21.11.2024 |
| RHUI 4 for RHEL 8 | python-sqlparse | Fixed | RHSA-2025:1335 | 12.02.2025 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-674
https://bugzilla.redhat.com/show_bug.cgi?id=2278038sqlparse: parsing heavily nested list leads to denial of service
EPSS
Процентиль: 94%
0.12788
Средний
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 1 года назад
Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.
CVSS3: 7.5
nvd
около 1 года назад
Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.
CVSS3: 7.5
debian
около 1 года назад
Passing a heavily nested list to sqlparse.parse() leads to a Denial of ...
EPSS
Процентиль: 94%
0.12788
Средний
7.5 High
CVSS3