sqlparse

A non-validating SQL parser module for Python

Version: 0.1.15
Safety score: 70
Check your open source dependency risks. Get immediate insight about security, stability and licensing risks.
Security Risks of Known Vulnerabilities
CVE-2023-30608
CWE-1333
Threat level: HIGH | CVSS score: 7.5

sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit e75e358. The vulnerability may lead to Denial of Service (DoS). This issue has been fixed in sqlparse 0.4.4 by commit c457abd5f. Users are advised to upgrade. There are no known workarounds for this issue.



Please note that this component is affected by another vulnerability
0 Critical  |  0 High  |  1 Medium  |  0 Low  |  0 Suggest

Latest safe minor: 0.5.3


Stability

Stay updated with the latest patches and releases. Plan your software design. Avoid common known vulnerabilities fixed by the open source community.

Latest patch release:   0.1.19

Latest minor release:   0.5.3

Latest major release:   --

Licensing

Maintain your licence declarations and avoid unwanted licences to protect your IP the way you intended.

BSD   -   BSD License (Generic)

Is a wildcard

Not proprietary

OSI Compliant