CVE-2021-32839: Uncontrolled Resource Consumption
sqlparse is a non-validating SQL parser module for Python. It contains a regular expression denial of service (ReDoS) vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression.
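Because only the comment-removing formatter is affected, triage can start by finding the call sites that enable it. The following is an added example, not part of the advisory or of sqlparse: it statically scans Python source for `sqlparse.format()` calls that set the `strip_comments` option. The function name `find_strip_comments_calls` and the sample source are constructed for illustration.

```python
import ast

# Constructed sample source to scan; not taken from any real project.
SAMPLE = '''
import sqlparse as sp
from sqlparse import format as fmt

def clean(q):
    return sp.format(q, strip_comments=True)

def pretty(q):
    return sp.format(q, reindent=True)

def dynamic(q, opts):
    return fmt(q, **opts)
'''

def find_strip_comments_calls(source):
    """Return sorted (line, verdict) pairs for sqlparse.format() calls.
    "affected": strip_comments is a truthy literal.
    "review":   options are not statically known (**kwargs or non-literal).
    Calls without strip_comments, or with a falsy literal, are omitted."""
    tree = ast.parse(source)
    modules, funcs = set(), set()
    for node in ast.walk(tree):  # collect local names bound to sqlparse / format
        if isinstance(node, ast.Import):
            modules |= {a.asname or a.name for a in node.names if a.name == "sqlparse"}
        elif isinstance(node, ast.ImportFrom) and node.module == "sqlparse":
            funcs |= {a.asname or a.name for a in node.names if a.name == "format"}
    hits = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        f = node.func
        via_module = (isinstance(f, ast.Attribute) and f.attr == "format"
                      and isinstance(f.value, ast.Name) and f.value.id in modules)
        if not (via_module or (isinstance(f, ast.Name) and f.id in funcs)):
            continue
        verdict = None
        for kw in node.keywords:
            if kw.arg == "strip_comments" and isinstance(kw.value, ast.Constant):
                verdict = "affected" if kw.value.value else None
                break
            if kw.arg in (None, "strip_comments"):  # **opts or a variable value
                verdict = "review"
        if verdict:
            hits.append((node.lineno, verdict))
    return sorted(hits)
```

Call sites reported as "review" pass formatter options dynamically, so whether comment stripping is enabled has to be checked by hand.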