csaf_redhat - rhsa-2022

rhsa-2022_5738

Vulnerability from csaf_redhat

Published

2022-07-27 14:49

Modified

2024-11-22 19:52

Summary

Red Hat Security Advisory: Django 3.2.14 Security Update

Notes

Topic

A security fix for a CVE in the Django library is now available.

Details

Red Hat Update Infrastructure (RHUI) offers a highly scalable, highly redundant framework that enables you to manage repositories and content. It also enables cloud providers to deliver content and updates to Red Hat Enterprise Linux (RHEL) instances. Security Fix: * Django: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments (CVE-2022-34265) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Users of RHUI are advised to upgrade to this updated package that fixes this bug.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "A security fix for a CVE in the Django library is now available.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Update Infrastructure (RHUI) offers a highly scalable, highly redundant framework that enables you to manage repositories and content. It also enables cloud providers to deliver content and updates to Red Hat Enterprise Linux (RHEL) instances.\n\nSecurity Fix:\n* Django: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments (CVE-2022-34265)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nUsers of RHUI are advised to upgrade to this updated package that fixes\nthis bug.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:5738",
        "url": "https://access.redhat.com/errata/RHSA-2022:5738"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2102896",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102896"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5738.json"
      }
    ],
    "title": "Red Hat Security Advisory: Django 3.2.14 Security Update",
    "tracking": {
      "current_release_date": "2024-11-22T19:52:47+00:00",
      "generator": {
        "date": "2024-11-22T19:52:47+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2022:5738",
      "initial_release_date": "2022-07-27T14:49:23+00:00",
      "revision_history": [
        {
          "date": "2022-07-27T14:49:23+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-07-27T14:49:23+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T19:52:47+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHUI 4 for RHEL 8",
                "product": {
                  "name": "RHUI 4 for RHEL 8",
                  "product_id": "8Base-RHUI-4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhui:4::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Update Infrastructure"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python-django-0:3.2.14-3.el8ui.src",
                "product": {
                  "name": "python-django-0:3.2.14-3.el8ui.src",
                  "product_id": "python-django-0:3.2.14-3.el8ui.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python-django@3.2.14-3.el8ui?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python38-django-0:3.2.14-3.el8ui.noarch",
                "product": {
                  "name": "python38-django-0:3.2.14-3.el8ui.noarch",
                  "product_id": "python38-django-0:3.2.14-3.el8ui.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python38-django@3.2.14-3.el8ui?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-django-0:3.2.14-3.el8ui.src as a component of RHUI 4 for RHEL 8",
          "product_id": "8Base-RHUI-4:python-django-0:3.2.14-3.el8ui.src"
        },
        "product_reference": "python-django-0:3.2.14-3.el8ui.src",
        "relates_to_product_reference": "8Base-RHUI-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python38-django-0:3.2.14-3.el8ui.noarch as a component of RHUI 4 for RHEL 8",
          "product_id": "8Base-RHUI-4:python38-django-0:3.2.14-3.el8ui.noarch"
        },
        "product_reference": "python38-django-0:3.2.14-3.el8ui.noarch",
        "relates_to_product_reference": "8Base-RHUI-4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-34265",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "discovery_date": "2022-06-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2102896"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Django. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "python-django: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Applications that constrain the lookup name and kind choice to a known safe list are unaffected.\n\nRed Hat Satellite 6 versions include affected versions of python-django, however, the product is not vulnerable since it does not make use of vulnerable functions. Future updates may fix this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHUI-4:python-django-0:3.2.14-3.el8ui.src",
          "8Base-RHUI-4:python38-django-0:3.2.14-3.el8ui.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-34265"
        },
        {
          "category": "external",
          "summary": "RHBZ#2102896",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102896"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-34265",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-34265"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34265",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34265"
        }
      ],
      "release_date": "2022-07-04T08:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-07-27T14:49:23+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nRHUI services must be restarted for this update to take effect. To restart them, run the following command on the RHUA node as root:\n\n# rhui-services-restart\n\nFor other information, consult the product documentation at:\nhttps://access.redhat.com/documentation/en-us/red_hat_update_infrastructure/4",
          "product_ids": [
            "8Base-RHUI-4:python-django-0:3.2.14-3.el8ui.src",
            "8Base-RHUI-4:python38-django-0:3.2.14-3.el8ui.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:5738"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHUI-4:python-django-0:3.2.14-3.el8ui.src",
            "8Base-RHUI-4:python38-django-0:3.2.14-3.el8ui.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "python-django: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments"
    }
  ]
}

cve-2022-34265

Vulnerability from cvelistv5

Published

2022-07-04 00:00

Modified

2024-08-03 09:07

Severity ?

Summary

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

References

▼	URL	Tags
	https://groups.google.com/forum/#%21forum/django-announce
	https://docs.djangoproject.com/en/4.0/releases/security/
	https://www.djangoproject.com/weblog/2022/jul/04/security-releases/
	https://security.netapp.com/advisory/ntap-20220818-0006/
	https://www.debian.org/security/2022/dsa-5254	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/	vendor-advisory

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T09:07:16.138Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/forum/#%21forum/django-announce"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.djangoproject.com/en/4.0/releases/security/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.djangoproject.com/weblog/2022/jul/04/security-releases/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220818-0006/"
          },
          {
            "name": "DSA-5254",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5254"
          },
          {
            "name": "FEDORA-2023-8fed428c5e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/"
          },
          {
            "name": "FEDORA-2023-a53ab7c969",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-28T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://groups.google.com/forum/#%21forum/django-announce"
        },
        {
          "url": "https://docs.djangoproject.com/en/4.0/releases/security/"
        },
        {
          "url": "https://www.djangoproject.com/weblog/2022/jul/04/security-releases/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20220818-0006/"
        },
        {
          "name": "DSA-5254",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5254"
        },
        {
          "name": "FEDORA-2023-8fed428c5e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/"
        },
        {
          "name": "FEDORA-2023-a53ab7c969",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-34265",
    "datePublished": "2022-07-04T00:00:00",
    "dateReserved": "2022-06-21T00:00:00",
    "dateUpdated": "2024-08-03T09:07:16.138Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted