[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-32839":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":86,"aliases":87,"duplicate_of":9,"upstream":90,"downstream":91,"duplicates":108,"related":109,"reserved_at":9,"published_at":114,"modified_at":115,"state":116,"summary":117,"references_raw":126,"kevs":165,"epss":166,"epss_history":169,"metrics":433,"affected":450},"CVE-2021-32839","sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of Service in sqlparse vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\\r\\n' in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround don't use the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. The issues has been fixed in sqlparse 0.4.2.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-400","Uncontrolled Resource Consumption","The product does not properly control the allocation and maintenance of a limited resource.","weakness","Draft","Class","High",[20,24,82],{"id":21,"name":22,"techniques":23},"CAPEC-147","XML Ping of the Death",[],{"id":25,"name":26,"techniques":27},"CAPEC-227","Sustained Client Engagement",[28],{"id":29,"name":30,"tactics":31,"countermeasures":35},"T1499","Endpoint Denial of Service",[32],{"id":33,"name":34},"TA0105","Impact",[36,41,45,49,53,57,61,65,69,73,78],{"id":37,"name":38,"tactic":39},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":40},"Detect",{"id":42,"name":43,"tactic":44},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":40},{"id":46,"name":47,"tactic":48},"D3-CSPP","Client-server Payload Profiling",{"name":40},{"id":50,"name":51,"tactic":52},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":40},{"id":54,"name":55,"tactic":56},"D3-NTSA","Network Traffic Signature Analysis",{"name":40},{"id":58,"name":59,"tactic":60},"D3-APCA","Application Protocol Command Analysis",{"name":40},{"id":62,"name":63,"tactic":64},"D3-NTCD","Network Traffic Community Deviation",{"name":40},{"id":66,"name":67,"tactic":68},"D3-RTSD","Remote Terminal Session Detection",{"name":40},{"id":70,"name":71,"tactic":72},"D3-ISVA","Inbound Session Volume Analysis",{"name":40},{"id":74,"name":75,"tactic":76},"D3-NTF","Network Traffic Filtering",{"name":77},"Isolate",{"id":79,"name":80,"tactic":81},"D3-ITF","Inbound Traffic Filtering",{"name":77},{"id":83,"name":84,"techniques":85},"CAPEC-492","Regular Expression Exponential Blowup",[],[],[88,89],"GHSA-p5w8-wqhj-9hhf","PYSEC-2021-333",[],[92,94,96,98,100,102,104,106],{"_key":93},"SUSE-SU-2021:3857-1",{"_key":95},"UBUNTU-CVE-2021-32839",{"_key":97},"OPENSUSE-SU-2021:3857-1",{"_key":99},"OPENSUSE-SU-2024:11581-1",{"_key":101},"OPENSUSE-SU-2024:13938-1",{"_key":103},"DLA-4000-1",{"_key":105},"DEBIAN-CVE-2021-32839",{"_key":107},"RHSA-2022:5498",[],[110,111,112,113],{"_key":93},{"_key":97},{"_key":99},{"_key":101},"2021-09-20T17:10:12.000Z","2025-11-03T21:44:47.559Z","Modified",{"cisa_kev":118,"cisa_ransomware":118,"cisa_vendor":9,"epss_severity":119,"epss_score":120,"severity":121,"severity_score":122,"severity_version":123,"severity_source":124,"severity_vector":125,"severity_status":116},false,"low",0.00122,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[127,137,144,148,152,157,161],{"url":128,"sources":129,"tags":132},"https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf",[124,130,131],"nvd","osv_pypi",[133,134,135,136],"X Refsource CONFIRM","Third Party Advisory","WEB","Advisory",{"url":138,"sources":139,"tags":140},"https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb",[124,130,131],[141,142,134,135,143],"X Refsource MISC","Patch","FIX",{"url":145,"sources":146,"tags":147},"https://lists.debian.org/debian-lts-announce/2024/12/msg00022.html",[124,130,131],[135],{"url":149,"sources":150,"tags":151},"https://nvd.nist.gov/vuln/detail/CVE-2021-32839",[131],[136],{"url":153,"sources":154,"tags":155},"https://github.com/andialbrecht/sqlparse",[131],[156],"PACKAGE",{"url":158,"sources":159,"tags":160},"https://github.com/pypa/advisory-database/tree/main/vulns/sqlparse/PYSEC-2021-333.yaml",[131],[135],{"url":162,"sources":163,"tags":164},"https://securitylab.github.com/advisories/GHSL-2021-107-andialbrecht-sqlparse",[131],[136],[],{"date":167,"score":120,"percentile":168},"2026-06-04",0.30864,[170,174,177,181,184,187,190,193,196,199,202,205,208,211,214,218,221,224,227,229,232,235,237,240,243,246,249,252,254,257,260,263,266,268,271,274,277,280,283,286,289,292,295,298,301,304,307,310,313,316,319,322,325,327,329,332,335,337,340,343,346,349,352,354,357,360,363,366,369,371,374,377,380,382,384,387,389,392,395,398,401,404,407,410,413,416,419,423,427,430],{"date":171,"score":172,"percentile":173},"2025-11-04",0.00121,0.31775,{"date":175,"score":172,"percentile":176},"2025-11-05",0.31753,{"date":178,"score":179,"percentile":180},"2025-11-06",0.0012,0.31715,{"date":182,"score":179,"percentile":183},"2025-11-07",0.31734,{"date":185,"score":179,"percentile":186},"2025-11-08",0.31736,{"date":188,"score":179,"percentile":189},"2025-11-09",0.31712,{"date":191,"score":179,"percentile":192},"2025-11-10",0.31664,{"date":194,"score":179,"percentile":195},"2025-11-11",0.31681,{"date":197,"score":179,"percentile":198},"2025-11-12",0.31726,{"date":200,"score":179,"percentile":201},"2025-11-13",0.31745,{"date":203,"score":179,"percentile":204},"2025-11-14",0.31748,{"date":206,"score":179,"percentile":207},"2025-11-15",0.3175,{"date":209,"score":179,"percentile":210},"2025-11-16",0.31714,{"date":212,"score":179,"percentile":213},"2025-11-17",0.3169,{"date":215,"score":216,"percentile":217},"2025-11-18",0.00392,0.57477,{"date":219,"score":216,"percentile":220},"2025-11-19",0.57494,{"date":222,"score":216,"percentile":223},"2025-11-20",0.57484,{"date":225,"score":179,"percentile":226},"2025-11-21",0.31731,{"date":228,"score":179,"percentile":186},"2025-11-22",{"date":230,"score":179,"percentile":231},"2025-11-23",0.31709,{"date":233,"score":179,"percentile":234},"2025-11-24",0.31685,{"date":236,"score":179,"percentile":195},"2025-11-25",{"date":238,"score":179,"percentile":239},"2025-11-26",0.31682,{"date":241,"score":179,"percentile":242},"2025-11-27",0.31695,{"date":244,"score":179,"percentile":245},"2025-11-28",0.31674,{"date":247,"score":179,"percentile":248},"2025-11-29",0.31657,{"date":250,"score":179,"percentile":251},"2025-11-30",0.31636,{"date":253,"score":179,"percentile":210},"2025-12-01",{"date":255,"score":179,"percentile":256},"2025-12-02",0.31744,{"date":258,"score":179,"percentile":259},"2025-12-03",0.31742,{"date":261,"score":179,"percentile":262},"2025-12-04",0.31639,{"date":264,"score":179,"percentile":265},"2025-12-05",0.31675,{"date":267,"score":179,"percentile":265},"2025-12-06",{"date":269,"score":179,"percentile":270},"2025-12-07",0.31647,{"date":272,"score":179,"percentile":273},"2025-12-08",0.31661,{"date":275,"score":179,"percentile":276},"2025-12-09",0.31713,{"date":278,"score":179,"percentile":279},"2025-12-10",0.31773,{"date":281,"score":179,"percentile":282},"2025-12-11",0.31809,{"date":284,"score":179,"percentile":285},"2025-12-12",0.31842,{"date":287,"score":179,"percentile":288},"2025-12-13",0.31828,{"date":290,"score":179,"percentile":291},"2025-12-14",0.31801,{"date":293,"score":179,"percentile":294},"2025-12-15",0.31751,{"date":296,"score":179,"percentile":297},"2025-12-16",0.31769,{"date":299,"score":179,"percentile":300},"2025-12-17",0.31819,{"date":302,"score":179,"percentile":303},"2025-12-18",0.31868,{"date":305,"score":179,"percentile":306},"2025-12-19",0.31894,{"date":308,"score":179,"percentile":309},"2025-12-20",0.31874,{"date":311,"score":179,"percentile":312},"2025-12-21",0.31818,{"date":314,"score":179,"percentile":315},"2025-12-22",0.31786,{"date":317,"score":179,"percentile":318},"2025-12-23",0.31767,{"date":320,"score":179,"percentile":321},"2025-12-24",0.31758,{"date":323,"score":179,"percentile":324},"2025-12-25",0.31832,{"date":326,"score":179,"percentile":300},"2025-12-26",{"date":328,"score":179,"percentile":324},"2025-12-27",{"date":330,"score":179,"percentile":331},"2025-12-28",0.31754,{"date":333,"score":179,"percentile":334},"2025-12-29",0.31721,{"date":336,"score":179,"percentile":180},"2025-12-30",{"date":338,"score":179,"percentile":339},"2025-12-31",0.31765,{"date":341,"score":179,"percentile":342},"2026-01-01",0.31909,{"date":344,"score":179,"percentile":345},"2026-01-02",0.31897,{"date":347,"score":179,"percentile":348},"2026-01-03",0.31878,{"date":350,"score":179,"percentile":351},"2026-01-04",0.31738,{"date":353,"score":179,"percentile":198},"2026-01-05",{"date":355,"score":179,"percentile":356},"2026-01-06",0.31739,{"date":358,"score":179,"percentile":359},"2026-01-07",0.31762,{"date":361,"score":179,"percentile":362},"2026-01-08",0.31789,{"date":364,"score":179,"percentile":365},"2026-01-09",0.31785,{"date":367,"score":179,"percentile":368},"2026-01-10",0.31787,{"date":370,"score":179,"percentile":176},"2026-01-11",{"date":372,"score":179,"percentile":373},"2026-01-12",0.3168,{"date":375,"score":179,"percentile":376},"2026-01-13",0.31667,{"date":378,"score":179,"percentile":379},"2026-01-14",0.31711,{"date":381,"score":179,"percentile":231},"2026-01-15",{"date":383,"score":179,"percentile":183},"2026-01-16",{"date":385,"score":179,"percentile":386},"2026-01-17",0.31729,{"date":388,"score":179,"percentile":245},"2026-01-18",{"date":390,"score":179,"percentile":391},"2026-01-19",0.3164,{"date":393,"score":179,"percentile":394},"2026-01-20",0.31625,{"date":396,"score":179,"percentile":397},"2026-01-21",0.31575,{"date":399,"score":179,"percentile":400},"2026-01-22",0.31552,{"date":402,"score":179,"percentile":403},"2026-01-23",0.31616,{"date":405,"score":179,"percentile":406},"2026-01-24",0.31629,{"date":408,"score":179,"percentile":409},"2026-01-25",0.31561,{"date":411,"score":179,"percentile":412},"2026-01-26",0.3147,{"date":414,"score":179,"percentile":415},"2026-01-27",0.31456,{"date":417,"score":179,"percentile":418},"2026-01-28",0.31432,{"date":420,"score":421,"percentile":422},"2026-01-29",0.00107,0.29359,{"date":424,"score":425,"percentile":426},"2026-01-30",0.00112,0.30177,{"date":428,"score":425,"percentile":429},"2026-01-31",0.3018,{"date":431,"score":425,"percentile":432},"2026-02-01",0.30249,[434,439,445],{"source":124,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":435,"cvss_v4_0":9},{"baseScore":122,"baseSeverity":436,"vectorString":125,"impactScore":437,"exploitabilityScore":438},"HIGH",6,10,{"source":130,"cvss_v2_0":440,"cvss_v3_0":9,"cvss_v3_1":444,"cvss_v4_0":9},{"baseScore":441,"baseSeverity":9,"vectorString":442,"impactScore":443,"exploitabilityScore":438},5,"AV:N/AC:L/Au:N/C:N/I:N/A:P",2.9,{"baseScore":122,"baseSeverity":436,"vectorString":125,"impactScore":437,"exploitabilityScore":438},{"source":131,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":446,"cvss_v4_0":447},{"baseScore":122,"baseSeverity":9,"vectorString":125,"impactScore":437,"exploitabilityScore":438},{"baseScore":448,"baseSeverity":9,"vectorString":449,"impactScore":9,"exploitabilityScore":9},8.7,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",[451,463,474],{"ecosystem":9,"name":452,"vendor":453,"product":452,"cpe_part":454,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":455},"sqlparse","andialbrecht","a",[456],{"version":457,"is_range":458,"range_type":124,"version_start":459,"version_start_type":460,"version_end":461,"version_end_type":462,"fixed_in":9},">= 0.4.0, \u003C 0.4.2",true,"0.4.0","including","0.4.2","excluding",{"ecosystem":464,"name":452,"vendor":464,"product":452,"cpe_part":9,"purl_type":465,"purl_namespace":9,"purl_name":452,"source":9,"versions":466},"PyPI","pypi",[467,472],{"version":468,"is_range":458,"range_type":469,"version_start":470,"version_start_type":460,"version_end":471,"version_end_type":462,"fixed_in":9},"gte1499cffcd7c4d635b4297b44d48fb4fe94cf988e_lt8238a9e450ed1524e40cb3a8b0b3c00606903aeb","ecosystem","1499cffcd7c4d635b4297b44d48fb4fe94cf988e","8238a9e450ed1524e40cb3a8b0b3c00606903aeb",{"version":473,"is_range":458,"range_type":469,"version_start":459,"version_start_type":460,"version_end":461,"version_end_type":462,"fixed_in":9},"gte0_4_0_lt0_4_2",{"ecosystem":9,"name":452,"vendor":475,"product":452,"cpe_part":454,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":476},"sqlparse_project",[477],{"version":478,"is_range":458,"range_type":479,"version_start":459,"version_start_type":460,"version_end":461,"version_end_type":462,"fixed_in":9},"gte0.4.0_lt0.4.2","cpe"]