CVE-2019-14234

Name
CVE-2019-14234
Description
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.
NVD Severity
high

References

Type                  URI
Vendor Advisory       https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
Vendor Advisory       https://docs.djangoproject.com/en/dev/releases/security/
Mailing List          https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
Mailing List          https://seclists.org/bugtraq/2019/Aug/15
Third Party Advisory  https://www.debian.org/security/2019/dsa-4498
Mailing List          http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
Mailing List          https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
CONFIRM               https://security.netapp.com/advisory/ntap-20190828-0002/
GENTOO                https://security.gentoo.org/glsa/202004-17

Match rules

CPE URI                                         Source package  Min version  Max version
cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*  django          >= 2.1       < 2.1.11
cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*  django          >= 1.11      < 1.11.23
cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*  django          >= 2.2       < 2.2.4

Vulnerable and fixed packages

Source package Branch Version Maintainer Status