Closed jsjiang closed 1 month ago
Dependabot alerts:
PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict.
Currently we have PyMySQL~=0.9.3
Update the requirements.txt and requirements-dev.txt files with the latest PyMySQL version:
PyMySQL~=1.1.1
Update both PyMySQL and aiomysql:
-aiomysql~=0.0.21 +aiomysql~=0.2.0 -PyMySQL~=0.9.3 +PyMySQL~=1.1.1
Upgraded in release v3.2.10
Dependabot alerts:
PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict.
Currently we have PyMySQL~=0.9.3
Update the requirements.txt and requirements-dev.txt files with the latest PyMySQL version:
PyMySQL~=1.1.1