https://bugzilla.suse.com/show_bug.cgi?id=1216431 https://bugzilla.suse.com/show_bug.cgi?id=1216431#c2 --- Comment #2 from John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> --- According to upstream, this CVE is considered to be a false positive: https://github.com/dbcli/mycli/issues/1131#issuecomment-1849023748 -- You are receiving this mail because: You are on the CC list for the bug.