GHSA-6r97-cj55-9hrq

Source

https://github.com/advisories/GHSA-6r97-cj55-9hrq

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/08/GHSA-6r97-cj55-9hrq/GHSA-6r97-cj55-9hrq.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-6r97-cj55-9hrq

Aliases

Published

2019-08-16T14:00:34Z

Modified

2024-02-21T05:20:14.103677Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

SQL Injection in Django

Details

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.

References

Affected packages

PyPI / django

Package

Name: django; View open source insights on deps.dev
Purl: pkg:pypi/django

Affected ranges

Type: ECOSYSTEM
Events: Introduced

1.11.0

Fixed

1.11.23

Affected versions

1.*

1.11

1.11.1

1.11.2

1.11.3

1.11.4

1.11.5

1.11.6

1.11.7

1.11.8

1.11.9

1.11.10

1.11.11

1.11.12

1.11.13

1.11.14

1.11.15

1.11.16

1.11.17

1.11.18

1.11.20

1.11.21

1.11.22

PyPI / django

Package

Name: django; View open source insights on deps.dev
Purl: pkg:pypi/django

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.1.0

Fixed

2.1.11

Affected versions

2.*

2.1

2.1.1

2.1.2

2.1.3

2.1.4

2.1.5

2.1.7

2.1.8

2.1.9

2.1.10

PyPI / django

Package

Name: django; View open source insights on deps.dev
Purl: pkg:pypi/django

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.2.0

Fixed

2.2.4

Affected versions

2.*

2.2

2.2.1

2.2.2

2.2.3