Re: [sqlalchemy] SqlAlchemy vulnerabilities CVE-2019-7164

2019-09-13 Thread 'ANAND NARAYAN' via sqlalchemy
Mike, thanks for sharing the information.

Best Regards,
Anand

On Friday, September 13, 2019 at 8:01:22 PM UTC+5:30, Mike Bayer wrote:
>
> yes. per the headline linked in that article: "SQLAlchemy through 1.2.17
> and 1.3.x **through 1.3.0b2** allows SQL Injection via the order_by
> parameter."

Re: [sqlalchemy] SqlAlchemy vulnerabilities CVE-2019-7164

2019-09-13 Thread 'ANAND NARAYAN' via sqlalchemy
Brian, thanks for sharing the information.

Best Regards,
Anand

On Friday, September 13, 2019 at 8:01:22 PM UTC+5:30, Mike Bayer wrote:
>
> yes. per the headline linked in that article: "SQLAlchemy through 1.2.17
> and 1.3.x **through 1.3.0b2** allows SQL Injection via the order_by
> parameter."

Re: [sqlalchemy] SqlAlchemy vulnerabilities CVE-2019-7164

2019-09-13 Thread Mike Bayer
yes. per the headline linked in that article: "SQLAlchemy through 1.2.17 and 1.3.x **through 1.3.0b2** allows SQL Injection via the order_by parameter." Version 1.3.8 is much newer than version 1.3.0b2. The changelog for the issue is noted in 1.3.0b3 at https://docs.sqlalchemy.org/en/13/changel

[sqlalchemy] SqlAlchemy vulnerabilities CVE-2019-7164

2019-09-13 Thread 'ANAND NARAYAN' via sqlalchemy
Hi,

Is the security vulnerability listed in the National Vulnerability Database (https://nvd.nist.gov/vuln/detail/CVE-2019-7164) fixed in the latest version v1.3.8?

Thanks
Regards
Anand

-- SQLAlchemy - The Python SQL Too