CVE-2022-40023

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-40023
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-40023.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-40023
Aliases
Downstream
Related
Published
2022-09-07T00:00:00Z
Modified
2026-05-14T11:52:03.168907882Z
Summary
[none]
Details

Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.

Database specific 
{
    "cna_assigner": "mitre",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/40xxx/CVE-2022-40023.json"
}
References

Affected packages

Git / github.com/sqlalchemy/mako

Affected ranges

Type
GIT
Repo
https://github.com/sqlalchemy/mako
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5054cc07ce6a957143251d32a963b8e0e437457a

Affected versions

Other
rel_0_1_0
rel_0_1_1
rel_0_1_10
rel_0_1_2
rel_0_1_3
rel_0_1_4
rel_0_1_5
rel_0_1_6
rel_0_1_7
rel_0_1_8
rel_0_1_9
rel_0_2_0
rel_0_2_1
rel_0_2_2
rel_0_2_3
rel_0_2_4
rel_0_2_5
rel_0_3_0
rel_0_3_1
rel_0_3_2
rel_0_3_3
rel_0_3_4
rel_0_3_5
rel_0_3_6
rel_0_4_0
rel_0_4_1
rel_0_4_2
rel_0_5_0
rel_0_6_0
rel_0_6_1
rel_0_6_2
rel_0_7_0
rel_0_7_1
rel_0_7_2
rel_0_7_3
rel_0_8_0
rel_0_8_1
rel_0_9_0
rel_0_9_1
rel_1_0_0
rel_1_0_1
rel_1_0_10
rel_1_0_11
rel_1_0_12
rel_1_0_13
rel_1_0_14
rel_1_0_2
rel_1_0_3
rel_1_0_4
rel_1_0_5
rel_1_0_6
rel_1_0_7
rel_1_0_8
rel_1_0_9
rel_1_1_0
rel_1_1_1
rel_1_1_2
rel_1_1_3
rel_1_1_4
rel_1_1_5
rel_1_2_0
rel_1_2_1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-40023.json"