{ "threat_severity" : "Important", "public_date" : "2026-02-03T14:36:03Z", "bugzilla" : { "description" : "Django: Django: SQL Injection via crafted column aliases", "id" : "2436339", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2436339" }, "cvss3" : { "cvss3_base_score" : "8.3", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", "status" : "verified" }, "cwe" : "CWE-89", "details" : [ "An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28.\n`FilteredRelation` is subject to SQL injection in column aliases via control characters, using a suitably crafted dictionary, with dictionary expansion, as the `**kwargs` passed to `QuerySet` methods `annotate()`, `aggregate()`, `extra()`, `values()`, `values_list()`, and `alias()`.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank Solomon Kebede for reporting this issue.", "A flaw was found in Django. This vulnerability allows a remote attacker to perform SQL injection by using specially crafted control characters within column aliases. When these crafted aliases are passed through dictionary expansion to `QuerySet` methods like `annotate()` or `values()`, it can lead to the execution of arbitrary SQL commands. This could result in unauthorized access to sensitive data or modification of information within the database." ], "statement" : "This IMPORTANT SQL injection flaw in Django allows a remote attacker to execute arbitrary SQL commands by crafting column aliases. This vulnerability affects Red Hat products that incorporate Django, such as Red Hat Ansible Automation Platform, Red Hat Discovery, Red Hat Satellite, Insights, and Ansible Services, potentially leading to unauthorized data access or modification.", "affected_release" : [ { "product_name" : "Red Hat Ansible Automation Platform 2.5 for RHEL 8", "release_date" : "2026-03-06T00:00:00Z", "advisory" : "RHSA-2026:3959", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el8", "package" : "python3.12-django-0:4.2.28-1.el8ap" }, { "product_name" : "Red Hat Ansible Automation Platform 2.5 for RHEL 9", "release_date" : "2026-03-06T00:00:00Z", "advisory" : "RHSA-2026:3959", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el9", "package" : "python3.12-django-0:4.2.28-1.el9ap" }, { "product_name" : "Red Hat Ansible Automation Platform 2.6 for RHEL 9", "release_date" : "2026-03-06T00:00:00Z", "advisory" : "RHSA-2026:3958", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.6::el9", "package" : "python3.12-django-0:4.2.28-1.el9ap" }, { "product_name" : "Red Hat Satellite 6.16 for RHEL 8", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5971", "cpe" : "cpe:/a:redhat:satellite:6.16::el8", "package" : "python-django-0:4.2.28-0.1.el8pc" }, { "product_name" : "Red Hat Satellite 6.16 for RHEL 8", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5971", "cpe" : "cpe:/a:redhat:satellite_capsule:6.16::el8", "package" : "python-django-0:4.2.28-0.1.el8pc" }, { "product_name" : "Red Hat Satellite 6.16 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5971", "cpe" : "cpe:/a:redhat:satellite:6.16::el9", "package" : "python-django-0:4.2.28-0.1.el9pc" }, { "product_name" : "Red Hat Satellite 6.16 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5971", "cpe" : "cpe:/a:redhat:satellite_capsule:6.16::el9", "package" : "python-django-0:4.2.28-0.1.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_maintenance:6.17::el9", "package" : "foreman-0:3.14.0.14-1.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_maintenance:6.17::el9", "package" : "libcomps-0:0.1.23-0.3.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_maintenance:6.17::el9", "package" : "python-brotli-0:1.2.0-0.1.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_maintenance:6.17::el9", "package" : "python-django-0:4.2.28-0.1.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_maintenance:6.17::el9", "package" : "python-pulp-container-0:2.22.3-1.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_maintenance:6.17::el9", "package" : "python-pulp-rpm-0:3.27.10-2.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_maintenance:6.17::el9", "package" : "rubygem-fog-kubevirt-0:1.5.1-1.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_maintenance:6.17::el9", "package" : "rubygem-foreman_kubevirt-0:0.4.3-1.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_maintenance:6.17::el9", "package" : "rubygem-katello-0:4.16.0.14-1.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_maintenance:6.17::el9", "package" : "rubygem-rubyipmi-0:0.13.0-1.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_maintenance:6.17::el9", "package" : "satellite-0:6.17.7-1.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_maintenance:6.17::el9", "package" : "yggdrasil-worker-forwarder-0:0.0.3-4.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_utils:6.17::el9", "package" : "foreman-0:3.14.0.14-1.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_utils:6.17::el9", "package" : "libcomps-0:0.1.23-0.3.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_utils:6.17::el9", "package" : "python-brotli-0:1.2.0-0.1.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_utils:6.17::el9", "package" : "python-django-0:4.2.28-0.1.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_utils:6.17::el9", "package" : "python-pulp-container-0:2.22.3-1.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_utils:6.17::el9", "package" : "python-pulp-rpm-0:3.27.10-2.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_utils:6.17::el9", "package" : "rubygem-fog-kubevirt-0:1.5.1-1.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_utils:6.17::el9", "package" : "rubygem-foreman_kubevirt-0:0.4.3-1.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_utils:6.17::el9", "package" : "rubygem-katello-0:4.16.0.14-1.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_utils:6.17::el9", "package" : "rubygem-rubyipmi-0:0.13.0-1.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_utils:6.17::el9", "package" : "satellite-0:6.17.7-1.el9sat" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-03-26T00:00:00Z", "advisory" : "RHSA-2026:5970", "cpe" : "cpe:/a:redhat:satellite_utils:6.17::el9", "package" : "yggdrasil-worker-forwarder-0:0.0.3-4.el9sat" }, { "product_name" : "Red Hat Ansible Automation Platform 2.5", "release_date" : "2026-03-06T00:00:00Z", "advisory" : "RHSA-2026:3962", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el8", "package" : "ansible-automation-platform-25/lightspeed-rhel8:sha256:069c671a4745f1059e48d1813e593fc33665d9c4c1e0b14c12a0ca3bc8d32080" }, { "product_name" : "Red Hat Ansible Automation Platform 2.6", "release_date" : "2026-03-06T00:00:00Z", "advisory" : "RHSA-2026:3960", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.6::el9", "package" : "ansible-automation-platform-26/lightspeed-rhel9:sha256:0b6086acb5dc2c46ba74583bbe1b39f22317a386fa4b89b6f592dfe6e9e10511" }, { "product_name" : "Red Hat Discovery 2", "release_date" : "2026-02-12T00:00:00Z", "advisory" : "RHSA-2026:2694", "cpe" : "cpe:/a:redhat:discovery:2::el9", "package" : "discovery/discovery-server-rhel9:sha256:cdf9b1062c961f67ee4f5dd3e23b26420517f884a51d2034efacff6847d47b5f" }, { "product_name" : "Red Hat Satellite 6.18", "release_date" : "2026-03-31T00:00:00Z", "advisory" : "RHSA-2026:6291", "cpe" : "cpe:/a:redhat:satellite:6.18::el9", "package" : "satellite/iop-advisor-backend-rhel9:sha256:563d17f7250c9a5ccb9f7213332b0a8e0b876e8e4e9814a7f397e51972c60a2c" } ], "package_state" : [ { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-24/de-minimal-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-24/de-minimal-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-25/de-minimal-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-25/de-minimal-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-26/de-minimal-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "automation-controller", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python-django", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat OpenStack Platform 16.2", "fix_state" : "Affected", "package_name" : "python-django20", "cpe" : "cpe:/a:redhat:openstack:16.2" }, { "product_name" : "Red Hat OpenStack Platform 17.1", "fix_state" : "Not affected", "package_name" : "python-django", "cpe" : "cpe:/a:redhat:openstack:17.1" }, { "product_name" : "Red Hat OpenStack Platform 18.0", "fix_state" : "Not affected", "package_name" : "python-django", "cpe" : "cpe:/a:redhat:openstack:18.0" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "python3.12-django", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "satellite-capsule:el8/python-django", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Update Infrastructure 4 for Cloud Providers", "fix_state" : "Will not fix", "package_name" : "python-django", "cpe" : "cpe:/a:redhat:rhui:4::el8" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-1287\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-1287\nhttps://docs.djangoproject.com/en/dev/releases/security/\nhttps://groups.google.com/g/django-announce\nhttps://www.djangoproject.com/weblog/2026/feb/03/security-releases/" ], "name" : "CVE-2026-1287", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.", "lang" : "en:us" }, "csaw" : false }