CVE-2022-40023 - Vulnerability Details - OpenCVE

Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00607.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Redhat	Enterprise Linux
Sqlalchemy	Mako

Configuration 1 [-]

cpe:2.3:a:sqlalchemy:mako:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
python-mako-0:1.0.6-14.el8	cpe:/a:redhat:enterprise_linux:8	RHSA-2023:2893	2023-05-16T00:00:00Z
Red Hat Enterprise Linux 9
python-mako-0:1.1.4-6.el9	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:2258	2023-05-09T00:00:00Z

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/sqlalchemy/mako/blob/c2f392e0be52dc67d1b9770ab8cce6a9c736d547/mako/ext/extract.py#L21
https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c
https://github.com/sqlalchemy/mako/issues/366
https://lists.debian.org/debian-lts-announce/2022/09/msg00026.html
https://nvd.nist.gov/vuln/detail/CVE-2022-40023
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/
https://pyup.io/vulnerabilities/CVE-2022-40023/50870/
https://www.cve.org/CVERecord?id=CVE-2022-40023

History

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00549}`	epss `{'score': 0.00564}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-09-07T00:00:00

Updated: 2024-08-03T12:07:43.228Z

Reserved: 2022-09-06T00:00:00

Link: CVE-2022-40023

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-09-07T13:15:09.953

Modified: 2024-11-21T07:20:44.470

Link: CVE-2022-40023

Redhat

Severity : Moderate

Publid Date: 2022-09-07T00:00:00Z

Links: CVE-2022-40023 - Bugzilla

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-40023", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-03T12:07:43.228Z", "dateReserved": "2022-09-06T00:00:00", "datePublished": "2022-09-07T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2022-12-27T00:00:00"}, "descriptions": [{"lang": "en", "value": "Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/sqlalchemy/mako/issues/366"}, {"url": "https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c"}, {"url": "https://github.com/sqlalchemy/mako/blob/c2f392e0be52dc67d1b9770ab8cce6a9c736d547/mako/ext/extract.py#L21"}, {"url": "https://pyup.io/vulnerabilities/CVE-2022-40023/50870/"}, {"name": "[debian-lts-announce] 20220921 [SECURITY] [DLA 3116-1] mako security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00026.html"}, {"url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T12:07:43.228Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/sqlalchemy/mako/issues/366", "tags": ["x_transferred"]}, {"url": "https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c", "tags": ["x_transferred"]}, {"url": "https://github.com/sqlalchemy/mako/blob/c2f392e0be52dc67d1b9770ab8cce6a9c736d547/mako/ext/extract.py#L21", "tags": ["x_transferred"]}, {"url": "https://pyup.io/vulnerabilities/CVE-2022-40023/50870/", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20220921 [SECURITY] [DLA 3116-1] mako security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00026.html"}, {"url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sqlalchemy:mako:*:*:*:*:*:*:*:*", "matchCriteriaId": "A85380F0-0A58-4E13-B3E3-3DC01E7ABF3F", "versionEndExcluding": "1.2.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin."}, {"lang": "es", "value": "Sqlalchemy mako versiones anteriores a 1.2.2, es vulnerable a una Denegaci\u00f3n de Servicio de expresiones Regulares cuando es usada la clase Lexer para analizar. Esto tambi\u00e9n afecta a babelplugin y linguaplugin"}], "id": "CVE-2022-40023", "lastModified": "2024-11-21T07:20:44.470", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-07T13:15:09.953", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/sqlalchemy/mako/blob/c2f392e0be52dc67d1b9770ab8cce6a9c736d547/mako/ext/extract.py#L21"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/sqlalchemy/mako/issues/366"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00026.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://pyup.io/vulnerabilities/CVE-2022-40023/50870/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/sqlalchemy/mako/blob/c2f392e0be52dc67d1b9770ab8cce6a9c736d547/mako/ext/extract.py#L21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/sqlalchemy/mako/issues/366"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00026.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://pyup.io/vulnerabilities/CVE-2022-40023/50870/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1333"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:2893", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "python-mako-0:1.0.6-14.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-05-16T00:00:00Z"}, {"advisory": "RHSA-2023:2258", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "python-mako-0:1.1.4-6.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}], "bugzilla": {"description": "python-mako: REDoS in Lexer class", "id": "2128977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128977"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-1333", "details": ["Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.", "A vulnerability was found in the mako package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability."], "name": "CVE-2022-40023", "package_state": [{"cpe": "cpe:/a:redhat:ceph_storage:3", "fix_state": "Out of support scope", "package_name": "python-pecan", "product_name": "Red Hat Ceph Storage 3"}, {"cpe": "cpe:/a:redhat:ceph_storage:4", "fix_state": "Affected", "package_name": "python-pecan", "product_name": "Red Hat Ceph Storage 4"}, {"cpe": "cpe:/a:redhat:ceph_storage:5", "fix_state": "Affected", "package_name": "python-pecan", "product_name": "Red Hat Ceph Storage 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "python-mako", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "python-mako", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "resource-agents", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "resource-agents", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Affected", "package_name": "python-pecan", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "python-pecan", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Out of support scope", "package_name": "python-pecan", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Not affected", "package_name": "python-pecan", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "python-pecan", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Not affected", "package_name": "python-pecan", "product_name": "Red Hat OpenStack Platform 17.0"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}], "public_date": "2022-09-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-40023\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-40023\nhttps://pyup.io/vulnerabilities/CVE-2022-40023/50870/"], "threat_severity": "Moderate"}