vulnerability

Red Hat: CVE-2024-36039: python-pymysql: SQL injection if used with untrusted JSON input (Multiple Advisories)

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:P/I:P/A:P)	2024-05-21	2024-07-03	2024-11-13

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

2024-05-21

Added

2024-07-03

Modified

2024-11-13

Description

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict.

redhat-upgrade-python3-11-pymysqlredhat-upgrade-python3-11-pymysql-rsaredhat-upgrade-python3-12-pymysqlredhat-upgrade-python3-12-pymysql-rsa

NEW

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.