67ff87ebca
In node_cache.find_node() we were constructing a raw SQL query using
unescaped data that came in on the wire. This presented an SQL injection
vulnerability. To avoid this, use the query builder from SQLAlchemy to
ensure that any input strings are correctly escaped.
Change-Id: I2b0ffa307ec1aa57538733f2e454d2d7e994d656
Story: #2005678
Task: 30992
(cherry picked from commit
|
||
---|---|---|
.. | ||
unit | ||
__init__.py | ||
base.py | ||
functional.py |