Known Vulnerabilities for products from Sqlalchemy
Listed below are 5 of the newest known vulnerabilities associated with the vendor "Sqlalchemy".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-45360 json | Not Provided | 2026-06-01 | 2026-06-02 | |
| CVE-2026-41205 json | Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal ... | Not Provided | 2026-04-23 | 2026-05-20 |
| CVE-2026-29080 json | Not Provided | 2026-05-06 | 2026-05-06 | |
| CVE-2026-7813 json | Not Provided | 2026-05-11 | 2026-05-11 | |
| CVE-2022-40023 json | Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This ... | 7.5 - HIGH | 2022-09-07 | 2023-08-08 |
| CVE-2019-7548 json | SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. | 7.8 - HIGH | 2019-02-06 | 2021-11-30 |
| CVE-2019-7164 json | SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter. | 9.8 - CRITICAL | 2019-02-20 | 2021-12-03 |
| CVE-2012-0805 json | Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute a... | Not Provided | 2012-06-05 | 2026-04-29 |
Known software with vulnerabilities from Sqlalchemy
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Sqlalchemy | Sqlalchemy | 0.1.0 |