SQLAlchemy@0.4.8 vulnerabilities
Database Abstraction Library
latest version
2.0.43
latest non vulnerable version
first published
19 years ago
latest version published
1 months ago
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the SQLAlchemy package. This does not include vulnerabilities belonging to this package’s dependencies.
How to fix?
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
SQLAlchemy is a python SQL Toolkit and Object Relational Mapper. Affected versions of this package are vulnerable to SQL Injection. Allows remote attackers to execute arbitrary SQL commands via the (1) limit, or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function. How to fix SQL Injection? Upgrade | [,0.6.7) |
SQLAlchemy is a python SQL Toolkit and Object Relational Mapper. Affected versions of this package are vulnerable to SQL Injection when the NOTE: This vulnerability has also been identified as: CVE-2019-7548 How to fix SQL Injection? Upgrade | [,1.2.18) |
SQLAlchemy is a python SQL Toolkit and Object Relational Mapper. Affected versions of this package are vulnerable to SQL Injection when the NOTE: This vulnerability has also been identified as: CVE-2019-7164 How to fix SQL Injection? Upgrade | [,1.2.18) |