sqlpad vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the sqlpad package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H SQL Injection	<7.5.7-r14
L GHSA-6457-6jrx-69cr	<7.5.7-r14
M Directory Traversal	<7.5.7-r13
L GHSA-9ppj-qmqm-q256	<7.5.7-r13
M Directory Traversal	<7.5.7-r13
L GHSA-qffp-2rhf-9h96	<7.5.7-r13
L GHSA-869p-cjfg-cm3x	<7.5.7-r4
L Resource Exhaustion	<7.5.4-r0
L GHSA-x3m8-899r-f7c3	<7.5.2-r2
L GHSA-vj76-c3g6-qr5v	<7.5.7-r1
L GHSA-pxg6-pf52-xh8x	<7.5.2-r2
L GHSA-9wv6-86v2-598j	<7.5.0-r1
L GHSA-v6h2-p8h4-qcjw	<7.5.4-r0
L Directory Traversal	<7.5.7-r1
L Improper Verification of Cryptographic Signature	<7.5.7-r4
H Inefficient Regular Expression Complexity	<7.5.7-r10
L GHSA-34x7-hfp2-rc4v	<7.5.7-r9
L CVE-2025-12758	<7.5.7-r4
L CVE-2024-47764	<7.5.2-r2
L CVE-2025-7339	<7.5.4-r3
L GHSA-76c9-3jph-rj3q	<7.5.4-r3
L GHSA-xxjr-mmjv-4gpg	<7.5.7-r9
L GHSA-378v-28hj-76wf	<7.5.7-r10
L GHSA-9965-vmph-33xx	<7.5.7-r4
L Improper Verification of Cryptographic Signature	<7.5.2-r2
L GHSA-cm22-4g7w-348p	<7.5.0-r1
M CVE-2025-13465	<7.5.7-r9
L CVE-2025-56200	<7.5.7-r4
M Cross-site Scripting (XSS)	<7.5.0-r1
L GHSA-3ppc-4f35-3m26	<7.5.7-r10
L CVE-2026-2739	<7.5.7-r10
L Directory Traversal	<7.5.7-r9
L CVE-2025-57350	<7.5.7-r9
L GHSA-vrw9-g62v-7fmf	<7.5.7-r9
H CVE-2026-2391	<7.5.7-r10
L GHSA-pq67-2wwv-3xjx	<7.5.3-r1
L CVE-2024-12905	<7.5.3-r1
M Cross-site Scripting (XSS)	<7.5.0-r1
L Inefficient Regular Expression Complexity	<7.5.2-r0
L GHSA-8qq5-rm4j-mr97	<7.5.7-r6
H Directory Traversal	<7.5.7-r10
M Directory Traversal	<7.5.7-r6
L GHSA-m6fv-jmcg-4jfg	<7.5.0-r1
L GHSA-vghf-hv5q-vc2g	<7.5.7-r4
L GHSA-rhx6-c78j-4q9w	<7.5.2-r0
L Inefficient Regular Expression Complexity	<7.5.0-r1
L CVE-2025-15284	<7.5.7-r5
L GHSA-6rw7-vpxm-498p	<7.5.7-r5
L GHSA-8cj5-5rvv-wf4v	<7.5.3-r2
M Improper Handling of Unicode Encoding	<7.5.7-r6
M Cross-site Scripting (XSS)	<7.5.0-r1
L GHSA-3xgq-45jj-v275	<7.5.1-r1
L CVE-2024-21538	<7.5.1-r1
L Directory Traversal	<7.5.3-r2
L GHSA-r6q2-hw4h-h46w	<7.5.7-r6
L GHSA-qw6h-vgh9-j6wx	<7.5.0-r1
L Inefficient Regular Expression Complexity	<7.5.7-r8
L GHSA-7h2j-956f-4vf2	<7.5.7-r8
L GHSA-w7fw-mjwx-w883	<7.5.7-r10
L Improper Verification of Cryptographic Signature	<7.5.2-r2
L CVE-2025-7783	<7.5.4-r4
H CVE-2024-45590	<7.5.0-r1
L GHSA-9p8x-f768-wp2g	<7.5.2-r2
L Improperly Controlled Modification of Dynamically-Determined Object Attributes	<7.5.7-r3
L GHSA-fjxv-7rqg-78g4	<7.5.4-r4
L GHSA-pj86-cfqh-vqx6	<7.5.7-r3
L GHSA-83g3-92jg-28cx	<7.5.7-r10
L GHSA-qwcr-r2fm-qrc7	<7.5.0-r1
L CVE-2024-29415	<7.4.3-r0
L GHSA-pmh2-wpjm-fj45	<7.4.3-r0
L CVE-2024-21512	<7.4.3-r0
L GHSA-2p57-rm9w-gvfp	<7.4.3-r0
M Race Condition	<7.4.3-r0
L GHSA-m5vv-6r4h-3vj9	<7.4.3-r0
L GHSA-mqr2-w7wj-jjgr	<7.4.1-r4
L CVE-2024-21511	<7.4.1-r4
L GHSA-4rch-2fh8-94vw	<7.4.1-r4
L CVE-2024-21509	<7.4.1-r4
L CVE-2024-21508	<7.4.1-r4
L GHSA-fpw7-j2hg-69v5	<7.4.1-r4
L GHSA-49j4-86m8-q2jw	<7.4.1-r4
M CVE-2024-21507	<7.4.1-r4
L CVE-2024-22363	<7.4.1-r3
L CVE-2024-28863	<7.4.1-r3
L GHSA-5pgg-2g8v-p4x9	<7.4.1-r3
L GHSA-f5x3-32g6-xq36	<7.4.1-r3
L CVE-2024-29041	<7.4.1-r3
L GHSA-rv95-896h-c2vc	<7.4.1-r3
L GHSA-hhhv-q57g-882q	<7.4.1-r2
M CVE-2024-28176	<7.4.1-r2
L GHSA-78xj-cgh5-2h22	<7.4.1-r1
C Server-Side Request Forgery (SSRF)	<7.4.1-r1

Vulnerability

Vulnerable Version

SQL Injection

<7.5.7-r14