Описание
Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code-not-present |
| hardy | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | ignored | |
| precise | not-affected | code-not-present |
| quantal | not-affected | code-not-present |
| raring | not-affected | code-not-present |
| saucy | not-affected | code-not-present |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.7.4-1 |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | not-affected | 0.6.8-1 |
| precise | not-affected | 0.7.4-1 |
| quantal | not-affected | 0.7.4-1 |
| raring | not-affected | 0.7.4-1 |
| saucy | not-affected | 0.7.4-1 |
Показывать по
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function.
Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function.
Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, a ...
ELSA-2012-0369: python-sqlalchemy security update (MODERATE)
7.5 High
CVSS2