Security Release for issue #92
Briefly

from Tryton Discussion9 months ago
Ashish Kunwar found that python-sql is vulnerable to SQL injection attacks when run with -O switch or PYTHONOPTIMIZE. Attack Vector: Network, Privileges Required: Low, Impact - Confidentiality: High, Integrity: Low.
Tryton Discussionhttps://discuss.tryton.org/t/security-release-for-issue-92/7330
To mitigate the vulnerability, users are advised not to use the -O switch or PYTHONOPTIMIZE when executing python. Affected versions: <= 1.5.0, Upgrade to python-sql version >= 1.5.1.
Tryton Discussionhttps://discuss.tryton.org/t/security-release-for-issue-92/7330
Read at Tryton Discussion
#sql-injection #python-sql #vulnerability #cyber-security
[
|
]