MidnightBSD

Advisories for sqlalchemy

CVE-2012-0805 HIGH

Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89

Products Affected

Vendor Product Version
sqlalchemy sqlalchemy 0.6.7
sqlalchemy sqlalchemy 0.7.0
sqlalchemy sqlalchemy *
sqlalchemy sqlalchemy 0.6.3
sqlalchemy sqlalchemy 0.6.1
sqlalchemy sqlalchemy 0.6.2
sqlalchemy sqlalchemy 0.6.6
sqlalchemy sqlalchemy 0.6.5
sqlalchemy sqlalchemy 0.6.0
sqlalchemy sqlalchemy 0.6.4

CVE-2019-7164 HIGH

SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89

Products Affected

Vendor Product Version
opensuse backports_sle 15.0
debian debian_linux 8.0
redhat enterprise_linux_server_aus 8.2
redhat enterprise_linux_eus 8.2
redhat enterprise_linux_server_aus 8.4
sqlalchemy sqlalchemy 1.3.0
redhat enterprise_linux_eus 8.1
debian debian_linux 9.0
redhat enterprise_linux_eus 8.4
sqlalchemy sqlalchemy *
oracle communications_operations_monitor 4.3
opensuse leap 15.0
redhat enterprise_linux_server_tus 8.2
opensuse leap 15.1
redhat enterprise_linux_server_tus 8.4
oracle communications_operations_monitor 4.2
redhat enterprise_linux 8.0

CVE-2019-7548 MEDIUM

SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89

Products Affected

Vendor Product Version
sqlalchemy sqlalchemy 1.2.17
opensuse backports_sle 15.0
debian debian_linux 8.0
redhat enterprise_linux_server_aus 8.2
redhat enterprise_linux_eus 8.2
redhat enterprise_linux_server_aus 8.4
redhat enterprise_linux_eus 8.1
debian debian_linux 9.0
redhat enterprise_linux_eus 8.4
oracle communications_operations_monitor 4.3
opensuse leap 15.0
redhat enterprise_linux_server_tus 8.2
opensuse leap 15.1
redhat enterprise_linux_server_tus 8.4
oracle communications_operations_monitor 4.2
redhat enterprise_linux 8.0

CVE-2022-40023

Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
sqlalchemy mako *
debian debian_linux 10.0

CVE-2026-41205

Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is an inconsistency between two slash-stripping implementations. Any file readable by the process can be returned as rendered template content when an application passes untrusted input directly to TemplateLookup.get_template(). This vulnerability is fixed in 1.3.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
sqlalchemy mako *