Описание
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely.
Отчет
Red Hat OpenStack does ship the affected version of Django, however, vulnerability is not exposed in the product as it does not make use of vulnerable code. We may update Django in a future release of OpenStack.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 3 | graphite-web | Affected | ||
| Red Hat Discovery | discovery-server-container | Affected | ||
| Red Hat OpenStack Platform 13 (Queens) | python-django | Affected | ||
| Red Hat Satellite 6 | python3-django | Affected | ||
| Red Hat Storage 3 | graphite-web | Affected | ||
| Red Hat Update Infrastructure 4 for Cloud Providers | python-django-guardian | Affected | ||
| Red Hat Update Infrastructure 4 for Cloud Providers | python-drf-nested-routers | Affected | ||
| Red Hat Ansible Automation Platform 2.1 for RHEL 8 | automation-controller | Fixed | RHSA-2022:5702 | 25.07.2022 |
| Red Hat Ansible Automation Platform 2.1 for RHEL 8 | python-django | Fixed | RHSA-2022:5702 | 25.07.2022 |
| Red Hat Automation Hub 4.2 for RHEL 7 | python3-django | Fixed | RHSA-2022:5703 | 25.07.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
9.4 Critical
CVSS3
Связанные уязвимости
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13 ...
Уязвимость реализации методов QuerySet.annotate(), aggregate() и extra() программной платформы для веб-приложений Django, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS
9.4 Critical
CVSS3