diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-04-30 23:04:38 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-04-30 23:04:38 +0200 |
commit | 73ab4ae676dededfb398da9a66d1c96da38c4d69 (patch) | |
tree | 78a81bfb8f4bda031b9c00cb46d5c300e8f15c41 | |
parent | b67d8b65b7526117513bb233227848707dfd7ce9 (diff) |
Add CVE-2024-4340/sqlparse
-rw-r--r-- | data/CVE/list | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index 0f4a3b0847..f2f23fe730 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,5 +1,7 @@ CVE-2024-4340 (Passing a heavily nested list to sqlparse.parse() leads to a Denial of ...) - TODO: check + - sqlparse <unfixed> + NOTE: Fixed by: https://github.com/andialbrecht/sqlparse/commit/b4a39d9850969b4e1d6940d32094ee0b42a2cf03 (0.5.0) + NOTE: https://github.com/advisories/GHSA-2m57-hf25-phgg CVE-2024-4337 (Adive Framework 2.0.8, does not sufficiently encode user-controlled in ...) NOT-FOR-US: Adive Framework CVE-2024-4336 (Adive Framework 2.0.8, does not sufficiently encode user-controlled in ...) |