PT-2020-6269 · Django+2

Simon Charette · Published 2020-02-03 · Updated 2026-01-03 · CVE-2020-7471

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Django versions 1.11 through 1.11.27
Django versions 2.2 through 2.2.9
Django versions 3.0 through 3.0.2

Description
The issue allows SQL injection if untrusted data is used as a StringAgg delimiter, which lets an attacker break out of the escaping and inject malicious SQL. A remote attacker could use this to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations
For Django versions 1.11 through 1.11.27, update to version 1.11.28 or later.
For Django versions 2.2 through 2.2.9, update to version 2.2.10 or later.
For Django versions 3.0 through 3.0.2, update to version 3.0.3 or later.
As a temporary workaround, restrict the use of contrib.postgres.aggregates.StringAgg, in particular so that untrusted data never reaches its delimiter, to minimize the risk of exploitation.

Exploit · Fix · SQL injection

Weakness Enumeration

Related Identifiers

ALT-PU-2020-1708
ALT-PU-2021-1636
BDU:2021-03743
BIT-DJANGO-2020-7471
CVE-2020-7471
DSA-4629-1
GHSA-HMR4-M2H5-33QX
OPENSUSE-SU-2024:11205-1
OPENSUSE-SU-2024:13887-1
OPENSUSE-SU-2024:14208-1
OPENSUSE-SU-2026:10005-1
PYSEC-2020-35
SUSE-RU-2020:2161-1
SUSE-SU-2020:3309-1
USN-4264-1

Affected Products

Alt Linux
Django
Ubuntu