[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-30608":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":25,"duplicate_of":9,"upstream":28,"downstream":29,"duplicates":62,"related":63,"reserved_at":9,"published_at":73,"modified_at":74,"state":75,"summary":76,"references_raw":85,"kevs":135,"epss":136,"epss_history":139,"metrics":402,"affected":419},"CVE-2023-30608","sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of Service (DoS). This issues has been fixed in sqlparse 0.4.4 by commit `c457abd5f`. Users are advised to upgrade. There are no known workarounds for this issue.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-1333","Inefficient Regular Expression Complexity","The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.","weakness","Draft","Base","High",[20],{"id":21,"name":22,"techniques":23},"CAPEC-492","Regular Expression Exponential Blowup",[],[],[26,27],"GHSA-rrm6-wvj7-cwh2","PYSEC-2023-87",[],[30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60],{"_key":31},"SUSE-RU-2024:1637-3",{"_key":33},"SUSE-SU-2023:2462-1",{"_key":35},"SUSE-SU-2023:2693-1",{"_key":37},"SUSE-SU-2023:2787-1",{"_key":39},"UBUNTU-CVE-2023-30608",{"_key":41},"USN-6064-1",{"_key":43},"SUSE-RU-2024:1637-1",{"_key":45},"SUSE-RU-2024:1637-2",{"_key":47},"SUSE-SU-2023:2619-1",{"_key":49},"OPENSUSE-SU-2024:12957-1",{"_key":51},"DLA-3425-1",{"_key":53},"DLA-4000-1",{"_key":55},"RHSA-2023:4591",{"_key":57},"MGASA-2023-0183",{"_key":59},"DEBIAN-CVE-2023-30608",{"_key":61},"RHSA-2023:6818",[],[64,65,66,67,68,69,70,71,72],{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":57},"2023-04-18T21:32:11.145Z","2025-11-03T21:48:07.853Z","Modified",{"cisa_kev":77,"cisa_ransomware":77,"cisa_vendor":9,"epss_severity":78,"epss_score":79,"severity":80,"severity_score":81,"severity_version":82,"severity_source":83,"severity_vector":84,"severity_status":75},false,"low",0.01264,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[86,97,103,107,112,118,122,126,131],{"url":87,"sources":88,"tags":91},"https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2",[89,83,90],"cve.org","osv_pypi",[92,93,94,95,96],"X Refsource CONFIRM","Patch","Vendor Advisory","WEB","Advisory",{"url":98,"sources":99,"tags":100},"https://github.com/andialbrecht/sqlparse/commit/c457abd5f097dd13fb21543381e7cfafe7d31cfb",[89,83,90],[101,93,95,102],"X Refsource MISC","FIX",{"url":104,"sources":105,"tags":106},"https://github.com/andialbrecht/sqlparse/commit/e75e35869473832a1eb67772b1adfee2db11b85a",[89,83,90],[101,93,95,102],{"url":108,"sources":109,"tags":110},"https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS",[89,83,90],[101,111,95],"Technical Description",{"url":113,"sources":114,"tags":115},"https://lists.debian.org/debian-lts-announce/2023/05/msg00017.html",[89,83,90],[116,117,95],"Mailing List","Third Party Advisory",{"url":119,"sources":120,"tags":121},"https://lists.debian.org/debian-lts-announce/2024/12/msg00022.html",[89,83,90],[95],{"url":123,"sources":124,"tags":125},"https://nvd.nist.gov/vuln/detail/CVE-2023-30608",[90],[96],{"url":127,"sources":128,"tags":129},"https://github.com/andialbrecht/sqlparse",[90],[130],"PACKAGE",{"url":132,"sources":133,"tags":134},"https://github.com/pypa/advisory-database/tree/main/vulns/sqlparse/PYSEC-2023-87.yaml",[90],[95],[],{"date":137,"score":79,"percentile":138},"2026-06-04",0.79777,[140,144,147,150,153,156,159,161,164,167,170,173,176,179,183,187,190,193,196,199,202,205,208,210,213,216,218,221,225,228,231,234,236,239,241,243,246,249,252,255,258,261,264,267,270,273,276,279,283,286,289,292,295,298,301,304,307,309,312,316,319,322,325,328,330,333,336,339,342,345,348,350,352,354,357,360,363,366,369,372,375,378,381,384,387,390,392,394,396,399],{"date":141,"score":142,"percentile":143},"2025-11-04",0.01158,0.77889,{"date":145,"score":142,"percentile":146},"2025-11-05",0.7789,{"date":148,"score":142,"percentile":149},"2025-11-06",0.77885,{"date":151,"score":142,"percentile":152},"2025-11-07",0.779,{"date":154,"score":142,"percentile":155},"2025-11-08",0.77906,{"date":157,"score":142,"percentile":158},"2025-11-09",0.77901,{"date":160,"score":142,"percentile":143},"2025-11-10",{"date":162,"score":142,"percentile":163},"2025-11-11",0.77891,{"date":165,"score":142,"percentile":166},"2025-11-12",0.77909,{"date":168,"score":142,"percentile":169},"2025-11-13",0.77919,{"date":171,"score":142,"percentile":172},"2025-11-14",0.77929,{"date":174,"score":142,"percentile":175},"2025-11-15",0.77926,{"date":177,"score":142,"percentile":178},"2025-11-16",0.77928,{"date":180,"score":181,"percentile":182},"2025-11-17",0.01127,0.77634,{"date":184,"score":185,"percentile":186},"2025-11-18",0.03002,0.85349,{"date":188,"score":185,"percentile":189},"2025-11-19",0.85351,{"date":191,"score":185,"percentile":192},"2025-11-20",0.85354,{"date":194,"score":181,"percentile":195},"2025-11-21",0.77659,{"date":197,"score":181,"percentile":198},"2025-11-22",0.77658,{"date":200,"score":181,"percentile":201},"2025-11-23",0.77644,{"date":203,"score":181,"percentile":204},"2025-11-24",0.77643,{"date":206,"score":181,"percentile":207},"2025-11-25",0.7765,{"date":209,"score":181,"percentile":198},"2025-11-26",{"date":211,"score":181,"percentile":212},"2025-11-27",0.77661,{"date":214,"score":181,"percentile":215},"2025-11-28",0.77652,{"date":217,"score":181,"percentile":212},"2025-11-29",{"date":219,"score":181,"percentile":220},"2025-11-30",0.77657,{"date":222,"score":223,"percentile":224},"2025-12-01",0.00421,0.61403,{"date":226,"score":223,"percentile":227},"2025-12-02",0.61417,{"date":229,"score":223,"percentile":230},"2025-12-03",0.61419,{"date":232,"score":181,"percentile":233},"2025-12-04",0.77648,{"date":235,"score":181,"percentile":215},"2025-12-05",{"date":237,"score":181,"percentile":238},"2025-12-06",0.77656,{"date":240,"score":181,"percentile":215},"2025-12-07",{"date":242,"score":181,"percentile":198},"2025-12-08",{"date":244,"score":181,"percentile":245},"2025-12-09",0.7768,{"date":247,"score":181,"percentile":248},"2025-12-10",0.77705,{"date":250,"score":181,"percentile":251},"2025-12-11",0.7772,{"date":253,"score":181,"percentile":254},"2025-12-12",0.7774,{"date":256,"score":181,"percentile":257},"2025-12-13",0.77741,{"date":259,"score":181,"percentile":260},"2025-12-14",0.77739,{"date":262,"score":181,"percentile":263},"2025-12-15",0.77736,{"date":265,"score":181,"percentile":266},"2025-12-16",0.77747,{"date":268,"score":181,"percentile":269},"2025-12-17",0.77756,{"date":271,"score":181,"percentile":272},"2025-12-18",0.77772,{"date":274,"score":181,"percentile":275},"2025-12-19",0.77784,{"date":277,"score":181,"percentile":278},"2025-12-20",0.77779,{"date":280,"score":281,"percentile":282},"2025-12-21",0.01223,0.78614,{"date":284,"score":281,"percentile":285},"2025-12-22",0.78617,{"date":287,"score":281,"percentile":288},"2025-12-23",0.78618,{"date":290,"score":281,"percentile":291},"2025-12-24",0.78629,{"date":293,"score":281,"percentile":294},"2025-12-25",0.7865,{"date":296,"score":281,"percentile":297},"2025-12-26",0.78648,{"date":299,"score":281,"percentile":300},"2025-12-27",0.78696,{"date":302,"score":281,"percentile":303},"2025-12-28",0.78637,{"date":305,"score":281,"percentile":306},"2025-12-29",0.78631,{"date":308,"score":281,"percentile":303},"2025-12-30",{"date":310,"score":281,"percentile":311},"2025-12-31",0.78651,{"date":313,"score":314,"percentile":315},"2026-01-01",0.00457,0.63561,{"date":317,"score":314,"percentile":318},"2026-01-02",0.63545,{"date":320,"score":314,"percentile":321},"2026-01-03",0.63544,{"date":323,"score":281,"percentile":324},"2026-01-04",0.78647,{"date":326,"score":281,"percentile":327},"2026-01-05",0.78643,{"date":329,"score":281,"percentile":294},"2026-01-06",{"date":331,"score":281,"percentile":332},"2026-01-07",0.78657,{"date":334,"score":281,"percentile":335},"2026-01-08",0.78665,{"date":337,"score":281,"percentile":338},"2026-01-09",0.78668,{"date":340,"score":281,"percentile":341},"2026-01-10",0.78671,{"date":343,"score":281,"percentile":344},"2026-01-11",0.78664,{"date":346,"score":281,"percentile":347},"2026-01-12",0.78652,{"date":349,"score":281,"percentile":297},"2026-01-13",{"date":351,"score":281,"percentile":338},"2026-01-14",{"date":353,"score":281,"percentile":341},"2026-01-15",{"date":355,"score":281,"percentile":356},"2026-01-16",0.78676,{"date":358,"score":281,"percentile":359},"2026-01-17",0.78685,{"date":361,"score":281,"percentile":362},"2026-01-18",0.78681,{"date":364,"score":281,"percentile":365},"2026-01-19",0.7868,{"date":367,"score":281,"percentile":368},"2026-01-20",0.78679,{"date":370,"score":281,"percentile":371},"2026-01-21",0.78684,{"date":373,"score":281,"percentile":374},"2026-01-22",0.78692,{"date":376,"score":281,"percentile":377},"2026-01-23",0.78719,{"date":379,"score":281,"percentile":380},"2026-01-24",0.7873,{"date":382,"score":281,"percentile":383},"2026-01-25",0.78724,{"date":385,"score":281,"percentile":386},"2026-01-26",0.7872,{"date":388,"score":281,"percentile":389},"2026-01-27",0.78718,{"date":391,"score":281,"percentile":383},"2026-01-28",{"date":393,"score":281,"percentile":389},"2026-01-29",{"date":395,"score":281,"percentile":386},"2026-01-30",{"date":397,"score":281,"percentile":398},"2026-01-31",0.78722,{"date":400,"score":314,"percentile":401},"2026-02-01",0.63591,[403,410,414],{"source":89,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":404,"cvss_v4_0":9},{"baseScore":405,"baseSeverity":406,"vectorString":407,"impactScore":408,"exploitabilityScore":409},5.5,"MEDIUM","CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",6,4.6,{"source":83,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":411,"cvss_v4_0":9},{"baseScore":81,"baseSeverity":412,"vectorString":84,"impactScore":408,"exploitabilityScore":413},"HIGH",10,{"source":90,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":415,"cvss_v4_0":416},{"baseScore":405,"baseSeverity":9,"vectorString":407,"impactScore":408,"exploitabilityScore":409},{"baseScore":417,"baseSeverity":9,"vectorString":418,"impactScore":9,"exploitabilityScore":9},6.9,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",[420,432,441,451],{"ecosystem":9,"name":421,"vendor":422,"product":421,"cpe_part":423,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":424},"sqlparse","andialbrecht","a",[425],{"version":426,"is_range":427,"range_type":89,"version_start":428,"version_start_type":429,"version_end":430,"version_end_type":431,"fixed_in":9},">= 0.1.15, \u003C 0.4.4",true,"0.1.15","including","0.4.4","excluding",{"ecosystem":9,"name":433,"vendor":434,"product":435,"cpe_part":436,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":437},"debian linux","debian","debian_linux","o",[438],{"version":439,"is_range":77,"range_type":440,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"ecosystem":442,"name":421,"vendor":442,"product":421,"cpe_part":9,"purl_type":443,"purl_namespace":9,"purl_name":421,"source":9,"versions":444},"PyPI","pypi",[445,449],{"version":446,"is_range":427,"range_type":447,"version_start":9,"version_start_type":9,"version_end":448,"version_end_type":431,"fixed_in":9},"lte75e35869473832a1eb67772b1adfee2db11b85a","ecosystem","e75e35869473832a1eb67772b1adfee2db11b85a",{"version":450,"is_range":427,"range_type":447,"version_start":428,"version_start_type":429,"version_end":430,"version_end_type":431,"fixed_in":9},"gte0_1_15_lt0_4_4",{"ecosystem":9,"name":421,"vendor":452,"product":421,"cpe_part":423,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":453},"sqlparse_project",[454],{"version":455,"is_range":427,"range_type":440,"version_start":428,"version_start_type":429,"version_end":430,"version_end_type":431,"fixed_in":9},"gte0.1.15_lt0.4.4"]