{
  "threat_severity" : "Moderate",
  "public_date" : "2020-03-04T00:00:00Z",
  "bugzilla" : {
    "description" : "django: potential SQL injection via \"tolerance\" parameter in GIS functions and aggregates on Oracle",
    "id" : "1810088",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1810088"
  },
  "cvss3" : {
    "cvss3_base_score" : "8.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-89",
  "details" : [ "Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL.", "A SQL-injection flaw was found in python-django, where GIS functions and aggregates on Oracle did not correctly neutralize tolerance-parameter data. A remote attacker could use this flaw to submit crafted data to inject malicious SQL." ],
  "statement" : "Although the following products ship the flawed code, they do not use or support its functionality and therefore will not be updated:\n* Red Hat OpenStack Platform\n* Red Hat Update Infrastructure 3\n* Red Hat Ceph Storage\nThe following products will be updated. However, because neither product uses the functionality, their Impact has been reduced to 'Low':\n* Red Hat Gluster Storage\n* Red Hat Satellite 6",
  "affected_release" : [ {
    "product_name" : "Red Hat Satellite 6.9 for RHEL 7",
    "release_date" : "2021-04-21T00:00:00Z",
    "advisory" : "RHSA-2021:1313",
    "cpe" : "cpe:/a:redhat:satellite:6.9::el7",
    "package" : "pulp-0:2.21.5-2.el7sat",
    "impact" : "low"
  }, {
    "product_name" : "Red Hat Satellite 6.9 for RHEL 7",
    "release_date" : "2021-04-21T00:00:00Z",
    "advisory" : "RHSA-2021:1313",
    "cpe" : "cpe:/a:redhat:satellite:6.9::el7",
    "package" : "python-django-0:1.11.29-1.el7sat",
    "impact" : "low"
  }, {
    "product_name" : "Red Hat Satellite 6.9 for RHEL 7",
    "release_date" : "2021-04-21T00:00:00Z",
    "advisory" : "RHSA-2021:1313",
    "cpe" : "cpe:/a:redhat:satellite_capsule:6.9::el7",
    "package" : "pulp-0:2.21.5-2.el7sat",
    "impact" : "low"
  }, {
    "product_name" : "Red Hat Satellite 6.9 for RHEL 7",
    "release_date" : "2021-04-21T00:00:00Z",
    "advisory" : "RHSA-2021:1313",
    "cpe" : "cpe:/a:redhat:satellite_capsule:6.9::el7",
    "package" : "python-django-0:1.11.29-1.el7sat",
    "impact" : "low"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Ceph Storage 2",
    "fix_state" : "Will not fix",
    "package_name" : "python-django",
    "cpe" : "cpe:/a:redhat:ceph_storage:2"
  }, {
    "product_name" : "Red Hat Ceph Storage 3",
    "fix_state" : "Will not fix",
    "package_name" : "python-django",
    "cpe" : "cpe:/a:redhat:ceph_storage:3"
  }, {
    "product_name" : "Red Hat OpenStack Platform 10 (Newton)",
    "fix_state" : "Will not fix",
    "package_name" : "python-django",
    "cpe" : "cpe:/a:redhat:openstack:10"
  }, {
    "product_name" : "Red Hat OpenStack Platform 13 (Queens)",
    "fix_state" : "Will not fix",
    "package_name" : "python-django",
    "cpe" : "cpe:/a:redhat:openstack:13"
  }, {
    "product_name" : "Red Hat OpenStack Platform 15 (Stein)",
    "fix_state" : "Will not fix",
    "package_name" : "python-django",
    "cpe" : "cpe:/a:redhat:openstack:15"
  }, {
    "product_name" : "Red Hat OpenStack Platform 16 (Train)",
    "fix_state" : "Will not fix",
    "package_name" : "python-django",
    "cpe" : "cpe:/a:redhat:openstack:16"
  }, {
    "product_name" : "Red Hat Storage 3",
    "fix_state" : "Fix deferred",
    "package_name" : "python-django",
    "cpe" : "cpe:/a:redhat:storage:3",
    "impact" : "low"
  }, {
    "product_name" : "Red Hat Update Infrastructure 3 for Cloud Providers",
    "fix_state" : "Fix deferred",
    "package_name" : "python-django",
    "cpe" : "cpe:/a:redhat:rhui:3",
    "impact" : "low"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-9402\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-9402\nhttps://www.djangoproject.com/weblog/2020/mar/04/security-releases/" ],
  "name" : "CVE-2020-9402",
  "mitigation" : {
    "value" : "There is no known mitigation for this issue; the flaw can only be resolved by applying updates.",
    "lang" : "en:us"
  },
  "csaw" : false
}