FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
e4181981-ccf1-11ed-956f-7054d21a9e2a	py39-sqlalchemy10 -- multiple SQL Injection vulnerabilities 21k reports: SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter. nosecurity reports: SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. Discovery 2019-02-06 Entry 2023-03-28 py39-sqlalchemy10 < 1.3.0 CVE-2019-7164 CVE-2019-7548 https://osv.dev/vulnerability/PYSEC-2019-123 https://osv.dev/vulnerability/PYSEC-2019-124 https://osv.dev/vulnerability/GHSA-887w-45rq-vxgf https://osv.dev/vulnerability/GHSA-38fc-9xqv-7f7q

VuXML ID

Description

e4181981-ccf1-11ed-956f-7054d21a9e2a

py39-sqlalchemy10 -- multiple SQL Injection vulnerabilities

21k reports:

SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

nosecurity reports:

SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.

Discovery 2019-02-06
Entry 2023-03-28
py39-sqlalchemy10

< 1.3.0

CVE-2019-7164
CVE-2019-7548
https://osv.dev/vulnerability/PYSEC-2019-123
https://osv.dev/vulnerability/PYSEC-2019-124
https://osv.dev/vulnerability/GHSA-887w-45rq-vxgf
https://osv.dev/vulnerability/GHSA-38fc-9xqv-7f7q