Tag: Escaping
Problems related to improper escaping of strings or data, leading to injection or parsing issues
| ID | Title | Description | Category | Technology | Tags |
|---|---|---|---|---|---|
| CRE-2025-0030 Medium Impact: 6/10 Mitigation: 2/10 | SQLAlchemy create_engine fails when password contains special characters like @ | SQLAlchemy applications using `create_engine()` may fail to connect to a database if the username or password contains special characters (e.g., `@`, `:`, `/`, `#`). These characters must be URL-encoded when included in the database connection string. Failure to encode them leads to parsing errors or incorrect credential usage. | Orm | sqlalchemy | SqlalchemyConfigurationPasswordUriEscapingConnectionKnown IssuePublic |