CVE-2024-4340
Published: 30 April 2024
Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.
Priority
Status
Package | Release | Status |
---|---|---|
sqlparse Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
|
|
jammy |
Released
(0.4.2-1ubuntu0.22.04.2)
|
|
mantic |
Released
(0.4.2-1ubuntu1.1)
|
|
noble |
Released
(0.4.4-1ubuntu0.1)
|
|
upstream |
Released
(0.5.0)
|
|
xenial |
Not vulnerable
|
|
Patches: upstream: https://github.com/andialbrecht/sqlparse/commit/b4a39d9850969b4e1d6940d32094ee0b42a2cf03 |