The Scalyr agent uses the Python MySQL client library, for which a critical SQL injection vulnerability injection has recently been discovered. At the time of opening this issue, the Python MySQL library version 0.9.3 is used. A patch is introduced in version 1.1.1, and upgrading to a version >= fixes the vulnerability.
Are you planning on fixing the vulnerability any time soon?
Hi Scalyr agent maintainers,
The Scalyr agent uses the Python MySQL client library, for which a critical SQL injection vulnerability injection has recently been discovered. At the time of opening this issue, the Python MySQL library version 0.9.3 is used. A patch is introduced in version 1.1.1, and upgrading to a version >= fixes the vulnerability.
Are you planning on fixing the vulnerability any time soon?
References