Lucene search
Alpine Linux Development TeamALPINE:CVE-2020-9402HistoryMar 05, 2020 - 3:15 p.m.
CVE-2020-9402
2020-03-0515:15:00
Alpine Linux Development Team
security.alpinelinux.org
23
0.141 Low
EPSS
Percentile
95.7%
Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | py3-django | <Â 1.11.29-r0 | UNKNOWN |
| Alpine | 3.10-main | noarch | py-django | <Â 1.11.29-r0 | UNKNOWN |
| Alpine | 3.11-main | noarch | py3-django | <Â 1.11.29-r0 | UNKNOWN |
| Alpine | 3.12-main | noarch | py3-django | <Â 1.11.29-r0 | UNKNOWN |
| Alpine | 3.13-community | noarch | py3-django | <Â 1.11.29-r0 | UNKNOWN |
| Alpine | 3.14-community | noarch | py3-django | <Â 1.11.29-r0 | UNKNOWN |
| Alpine | 3.15-community | noarch | py3-django | <Â 1.11.29-r0 | UNKNOWN |
| Alpine | 3.16-community | noarch | py3-django | <Â 1.11.29-r0 | UNKNOWN |
| Alpine | 3.17-community | noarch | py3-django | <Â 1.11.29-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | py3-django | <Â 1.11.29-r0 | UNKNOWN |
Related
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : Django vulnerability (USN-4296-1)
2020-03-06 00:00:00
Debian DLA-3024-1 : python-django - LTS security update
2022-05-27 00:00:00
openvas
openvas
Django 1.11.x < 1.11.29, 2.2.x < 2.2.11, 3.0.x < 3.0.4 SQL Injection Vulnerability - Windows
2020-03-06 00:00:00
Ubuntu: Security Advisory (USN-4296-1)
2020-03-05 00:00:00
Debian: Security Advisory (DLA-3024-1)
2022-05-27 00:00:00
osv
osv
python-django - security update
2022-05-26 00:00:00
PYSEC-2020-36
2020-03-05 15:15:00
BIT-django-2020-9402
2024-03-06 10:55:44
nuclei
nuclei
Django SQL Injection
2021-07-26 17:18:45
github
github
SQL injection in Django
2020-06-05 14:52:07
freebsd
freebsd
Django -- potential SQL injection vulnerability
2020-02-25 00:00:00
cvelist
cvelist
CVE-2020-9402
2020-03-05 14:49:57
ubuntucve
ubuntucve
CVE-2020-9402
2020-03-04 00:00:00
debian
debian
[SECURITY] [DLA 3024-1] python-django security update
2022-05-26 11:06:05
[SECURITY] [DSA 4705-1] python-django security update
2020-06-18 08:52:14
[SECURITY] [DSA 4705-1] python-django security update
2020-06-18 08:51:53
redhatcve
redhatcve
CVE-2020-9402
2020-03-04 14:41:07
debiancve
debiancve
CVE-2020-9402
2020-03-05 15:15:00
ubuntu
ubuntu
Django vulnerability
2020-03-04 00:00:00
prion
prion
Sql injection
2020-03-05 15:15:00
cve
cve
CVE-2020-9402
2020-03-05 15:15:00
veracode
veracode
SQL Injection
2020-03-05 05:52:41
archlinux
archlinux
[ASA-202003-5] python-django: sql injection
2020-03-08 00:00:00
altlinux
altlinux
fedora
fedora
[SECURITY] Fedora 32 Update: python-django-3.0.7-1.fc32
2020-06-19 01:05:39
[SECURITY] Fedora 31 Update: python-django-2.2.13-1.fc31
2020-06-19 01:07:50
gentoo
gentoo
Django: Multiple vulnerabilities
2020-04-30 00:00:00
redhat
redhat
(RHSA-2021:1313) Moderate: Satellite 6.9 Release
2021-04-21 12:43:38