CVE-2012-0805 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2012-0805 Interim 1 4 2023-07-02T01:32:35Z current 2021-05-30T13:02:07Z 2023-07-02T01:32:35Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2012-0805 Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function. CVE-2012-0805 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P