Vulnerability Database
Blog
FAQ
Docs
CVE-2019-7164
Source
https://nvd.nist.gov/vuln/detail/CVE-2019-7164
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-7164.json
Aliases
GHSA-887w-45rq-vxgf
PYSEC-2019-123
Related
ALSA-2019:0981
ALSA-2019:0984
DLA-1718-1
DLA-2811-1
RLSA-2019:0981
RLSA-2019:0984
Published
2019-02-20T00:29:00Z
Modified
2023-11-29T07:35:21.665673Z
Details
SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.
References
https://access.redhat.com/errata/RHSA-2019:0981
https://access.redhat.com/errata/RHSA-2019:0984
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00087.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00016.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00020.html
https://lists.debian.org/debian-lts-announce/2021/11/msg00005.html
https://github.com/sqlalchemy/sqlalchemy/issues/4481
https://www.oracle.com/security-alerts/cpujan2021.html
Affected packages
Git
/
github.com/sqlalchemy/sqlalchemy
Affected ranges
Type
GIT
Repo
https://github.com/sqlalchemy/sqlalchemy
Events
Introduced
0
The exact introduced commit is unknown
Last affected
47c245b90cd3cfe76bc0cf078f740d12bf7ba2d1
Affected versions
Other
origin
rel_0_1_0
rel_0_1_1
rel_0_1_2
rel_0_1_3
rel_0_1_4
rel_0_1_5
rel_0_1_6
rel_0_1_7
rel_0_2_0
rel_0_2_1
rel_0_2_2
rel_0_2_3
rel_0_2_4
rel_0_2_5
rel_0_2_6
rel_0_2_7
rel_0_2_8
rel_0_3_0
rel_0_3_1
rel_0_3_10
rel_0_3_2
rel_0_3_3
rel_0_3_4
rel_0_3_5
rel_0_3_6
rel_0_3_7
rel_0_3_8
rel_0_3_9
rel_0_4_0
rel_0_4_1
rel_0_4_2
rel_0_4_2a
rel_0_4_2b
rel_0_4_2p3
rel_0_4_3
rel_0_4_4
rel_0_4_5
rel_0_4beta1
rel_0_4beta2
rel_0_4beta3
rel_0_4beta4
rel_0_4beta6
rel_0_5_0
rel_0_5_1
rel_0_5_2
rel_0_5_3
rel_0_5_4
rel_0_5_4p1
rel_0_5_4p2
rel_0_5_5
rel_0_5beta1
rel_0_5beta2
rel_0_5beta3
rel_0_5rc1
rel_0_5rc2
rel_0_5rc3
rel_0_5rc4
rel_0_6_0
rel_0_6_1
rel_0_6_2
rel_0_6_3
rel_0_6_4
rel_0_6_5
rel_0_6beta1
rel_0_6beta2
rel_0_6beta3
rel_0_7_0
rel_0_7_1
rel_0_7_2
rel_0_7_3
rel_0_7_4
rel_0_7_5
rel_0_7_6
rel_0_7b1
rel_0_7b2
rel_0_7b3
rel_0_7b4
rel_0_8_0
rel_0_8_0b1
rel_0_8_0b2
rel_0_8_1
rel_0_9_0
rel_0_9_0b1
rel_0_9_1
rel_0_9_2
rel_0_9_3
rel_0_9_4
rel_1_0_0
rel_1_0_0_b3
rel_1_0_0b1
rel_1_0_0b2
rel_1_0_0b4
rel_1_0_0b5
rel_1_0_1
rel_1_0_2
rel_1_0_3
rel_1_0_4
rel_1_0_5
rel_1_0_6
rel_1_0_7
rel_1_0_8
rel_1_1_0
rel_1_1_0b2
rel_1_1_0b3
rel_1_1_1
rel_1_1_2
rel_1_1_3
rel_1_1_4
rel_1_1_5
rel_1_1_6
rel_1_2_0
rel_1_2_0b1
rel_1_2_0b2
rel_1_2_1
rel_1_2_10
rel_1_2_11
rel_1_2_12
rel_1_2_13
rel_1_2_14
rel_1_2_15
rel_1_2_16
rel_1_2_17
rel_1_2_2
rel_1_2_3
rel_1_2_4
rel_1_2_5
rel_1_2_6
rel_1_2_7
rel_1_2_8
rel_1_2_9
CVE-2019-7164 - OSV