vulnerability

Red Hat: CVE-2024-36039: python-pymysql: SQL injection if used with untrusted JSON input (Multiple Advisories)

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:P/I:P/A:P)	05/21/2024	07/03/2024	11/13/2024

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

05/21/2024

Added

07/03/2024

Modified

11/13/2024

Description

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict.

redhat-upgrade-python3-11-pymysqlredhat-upgrade-python3-11-pymysql-rsaredhat-upgrade-python3-12-pymysqlredhat-upgrade-python3-12-pymysql-rsa

NEW

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.