gmakstutis/ragflow
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ragflow/rag/utils
History
kira-offgrid f0e0783618
Fix: Database Query Vulnerable to Injection Attacks in rag/utils/opendal_conn.py (#8408) 
**Context and Purpose:**

This PR automatically remediates a security vulnerability:
- **Description:** Detected possible formatted SQL query. Use
parameterized queries instead.
- **Rule ID:**
python.lang.security.audit.formatted-sql-query.formatted-sql-query
- **Severity:** HIGH
- **File:** rag/utils/opendal_conn.py
- **Lines Affected:** 98 - 98

This change is necessary to protect the application from potential
security risks associated with this vulnerability.

**Solution Implemented:**

The automated remediation process has applied the necessary changes to
the affected code in `rag/utils/opendal_conn.py` to resolve the
identified issue.

Please review the changes to ensure they are correct and integrate as
expected.
2025-06-23 14:54:25 +08:00
..
__init__.py Fix: type violations. (#6262) 2025-03-19 12:12:34 +08:00
azure_sas_conn.py refactor: no need to inherit in python3 clean the code (#5659) 2025-03-05 18:03:53 +08:00
azure_spn_conn.py refactor: no need to inherit in python3 clean the code (#5659) 2025-03-05 18:03:53 +08:00
doc_store_conn.py Update comments (#4569) 2025-01-21 20:52:28 +08:00
es_conn.py fix: List Chunks API fails to return the correct document status. (#8347) 2025-06-19 11:12:53 +08:00
infinity_conn.py Fix: whole knowledge graph lost after removing any document in the knowledge base (#7151) 2025-04-30 09:43:17 +08:00
minio_conn.py Delete Corresponding Minio Bucket When Deleting a Knowledge Base (#7841) 2025-05-26 10:02:51 +08:00
opendal_conn.py Fix: Database Query Vulnerable to Injection Attacks in rag/utils/opendal_conn.py (#8408) 2025-06-23 14:54:25 +08:00
opensearch_coon.py Fix: Opensearch chunk management (#7802) 2025-05-26 16:57:58 +08:00
oss_conn.py refactor: no need to inherit in python3 clean the code (#5659) 2025-03-05 18:03:53 +08:00
redis_conn.py feat: Recover pending tasks while pod restart. (#7073) 2025-04-19 16:18:51 +08:00
s3_conn.py fix: allow to do role auth for S3 bucket use. (#8149) 2025-06-10 10:50:07 +08:00
storage_factory.py Oss support opendal(including mysql) (#8204) 2025-06-12 11:37:42 +08:00
tavily_conn.py Feat: apply LLM to optimize citations. (#5935) 2025-03-11 19:56:21 +08:00