CVE-2024-53908

CRITICAL severity · CVSS 9.8 · SQL injection

9.8CVSS CRITICAL

Summary

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)

Impact & exploitability

Attack vectorNetwork

Attack complexityLow

Privileges requiredNone

User interactionNone

Confidentiality impactHigh

Integrity impactHigh

Availability impactHigh

Exploit probability (EPSS)1%

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products we track (1)

Django

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Official patch: https://docs.djangoproject.com/en/dev/releases/security/ ↗

Additional information

NVD record
https://docs.djangoproject.com/en/dev/releases/security/Patch
https://groups.google.com/g/django-announce
https://www.openwall.com/lists/oss-security/2024/12/04/3Advisory