Untriaged
Python-sql: python-sql unary operators does not escape non-expression
A vulnerability was found in python-sql where unary operators do not escape non-Expression.
References
- https://discuss.tryton.org/t/security-release-for-issue-93/7889/3
- https://lists.debian.org/debian-lts-announce/2024/10/msg00023.html
- RHBZ#2332734 issue-tracking x_refsource_REDHAT
- https://discuss.tryton.org/t/security-release-for-issue-93/7889/3
- https://lists.debian.org/debian-lts-announce/2024/10/msg00023.html
- https://access.redhat.com/security/cve/CVE-2024-9774 x_refsource_REDHAT vdb-entry
- RHBZ#2332734 issue-tracking x_refsource_REDHAT
- https://discuss.tryton.org/t/security-release-for-issue-93/7889/3
- https://lists.debian.org/debian-lts-announce/2024/10/msg00023.html
- https://discuss.tryton.org/t/security-release-for-issue-93/7889/3
- https://access.redhat.com/security/cve/CVE-2024-9774 x_refsource_REDHAT vdb-entry
- RHBZ#2332734 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2024/10/msg00023.html
Affected products
python-sql
- <1.5.2
Matching in nixpkgs
pkgs.python312Packages.python-sql
Library to write SQL queries in a pythonic way
-
nixos-unstable -
- nixpkgs-unstable 1.6.0
pkgs.python313Packages.python-sql
Library to write SQL queries in a pythonic way
-
nixos-unstable -
- nixpkgs-unstable 1.6.0
pkgs.python312Packages.ipython-sql
Introduces a %sql (or %%sql) magic
-
nixos-unstable -
- nixpkgs-unstable 0.5.0
pkgs.python313Packages.ipython-sql
Introduces a %sql (or %%sql) magic
-
nixos-unstable -
- nixpkgs-unstable 0.5.0
Package maintainers
-
@cpcloud Phillip Cloud
-
@johbo Johannes Bornhold <johannes@bornhold.name>