ragflow/rag
kira-offgrid f0e0783618
Fix: Database Query Vulnerable to Injection Attacks in rag/utils/opendal_conn.py (#8408)
**Context and Purpose:**

This PR automatically remediates a security vulnerability:
- **Description:** Detected possible formatted SQL query. Use
parameterized queries instead.
- **Rule ID:**
python.lang.security.audit.formatted-sql-query.formatted-sql-query
- **Severity:** HIGH
- **File:** rag/utils/opendal_conn.py
- **Lines Affected:** 98 - 98

This change is necessary to protect the application from potential
security risks associated with this vulnerability.

**Solution Implemented:**

The automated remediation process has applied the necessary changes to
the affected code in `rag/utils/opendal_conn.py` to resolve the
identified issue.

Please review the changes to ensure they are correct and integrate as
expected.
2025-06-23 14:54:25 +08:00

| Name | Last commit | Date |
| --- | --- | --- |
| `app` | Fix typo in code (#8327) | 2025-06-18 09:41:09 +08:00 |
| `llm` | Fix:embedding_model class SILICONFLOWEmbed(Base)Function reusing json (#8378) | 2025-06-20 11:13:00 +08:00 |
| `nlp` | Fix: doc_aggs issue. (#8418) | 2025-06-23 14:54:01 +08:00 |
| `res` | Update synonym dictionary file (#7997) | 2025-06-03 09:41:53 +08:00 |
| `svr` | Fix: Document parse via API will alot problen (#8407) | 2025-06-23 13:08:11 +08:00 |
| `utils` | Fix: Database Query Vulnerable to Injection Attacks in rag/utils/opendal_conn.py (#8408) | 2025-06-23 14:54:25 +08:00 |
| `__init__.py` | Update comments (#4569) | 2025-01-21 20:52:28 +08:00 |
| `benchmark.py` | Refactor embedding batch_size (#3825) | 2024-12-03 16:22:39 +08:00 |
| `prompts.py` | Fix: rank feature score should be greater than 0. (#8416) | 2025-06-23 14:10:13 +08:00 |
| `raptor.py` | Fix task_limiter in raptor.py (#8124) | 2025-06-09 10:18:03 +08:00 |
| `settings.py` | Feat: make document parsing and embedding batch sizes configurable via environment variables (#8266) | 2025-06-16 13:40:47 +08:00 |