NuytsTech Security

CVE-2019-7164

by ·

SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

Date published : 2019-02-19

https://github.com/sqlalchemy/sqlalchemy/issues/4481

https://www.oracle.com/security-alerts/cpujan2021.html

Tags: