CVE-2024-9774
Publication date 21 October 2024
Last updated 21 October 2024
Ubuntu priority
Cédric Krier has found that python-sql does not escape non-Expression for unary operators 11 (like And and Or) which makes any system exposing those vulnerable to an SQL injection attack.
Status
Package | Ubuntu Release | Status |
---|---|---|
python-sql | 24.10 oracular |
Needs evaluation
|
24.04 LTS noble |
Needs evaluation
|
|
22.04 LTS jammy |
Needs evaluation
|
|
20.04 LTS focal |
Needs evaluation
|
|
18.04 LTS bionic |
Needs evaluation
|
|
16.04 LTS xenial |
Needs evaluation
|