Fluid Attacks Database

Description

sql injection

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	python-django	>=0 <2:2.2.11-1	2:2.2.11-1
debian 14	python-django	>=0 <2:2.2.11-1	2:2.2.11-1
alpine v3.9	py-django	=1.10.5-r0 \|\| =1.10.7-r0 \|\| =1.11-r0 \|\| =1.11-r1 \|\| =1.11.10-r0 \|\| =1.11.11-r0 \|\| =1.11.12-r0 \|\| =1.11.13-r0 \|\| =1.11.15-r0 \|\| =1.11.18-r0 \|\| =1.11.20-r0 \|\| =1.11.21-r0 \|\| =1.11.22-r0 \|\| =1.11.23-r0 \|\| =1.11.27-r0 \|\| =1.11.28-r0 \|\| =1.11.5-r0 \|\| =1.11.9-r0 \|\| =1.2.5-r0 \|\| =1.2.5-r1 \|\| =1.4.1-r0 \|\| =1.5-r0 \|\| =1.5.1-r0 \|\| =1.5.5-r0 \|\| =1.5.6-r0 \|\| =1.5.7-r0 \|\| =1.5.8-r0 \|\| =1.6.5-r0 \|\| =1.6.6-r0 \|\| =1.7-r0 \|\| =1.8-r0 \|\| =1.8.10-r0 \|\| =1.8.12-r0 \|\| =1.8.14-r0 \|\| =1.8.15-r0 \|\| =1.8.16-r0 \|\| =1.8.3-r0 \|\| =1.8.4-r0 \|\| =1.8.6-r0 \|\| =1.8.7-r0 \|\| =1.8.8-r0 \|\| >=0 <1.11.29-r0	1.11.29-r0
alpine v3.10	py-django	=1.10.5-r0 \|\| =1.10.7-r0 \|\| =1.11-r0 \|\| =1.11-r1 \|\| =1.11.10-r0 \|\| =1.11.11-r0 \|\| =1.11.12-r0 \|\| =1.11.13-r0 \|\| =1.11.15-r0 \|\| =1.11.18-r0 \|\| =1.11.20-r0 \|\| =1.11.20-r1 \|\| =1.11.21-r0 \|\| =1.11.22-r0 \|\| =1.11.23-r0 \|\| =1.11.27-r0 \|\| =1.11.28-r0 \|\| =1.11.5-r0 \|\| =1.11.9-r0 \|\| =1.2.5-r0 \|\| =1.2.5-r1 \|\| =1.4.1-r0 \|\| =1.5-r0 \|\| =1.5.1-r0 \|\| =1.5.5-r0 \|\| =1.5.6-r0 \|\| =1.5.7-r0 \|\| =1.5.8-r0 \|\| =1.6.5-r0 \|\| =1.6.6-r0 \|\| =1.7-r0 \|\| =1.8-r0 \|\| =1.8.10-r0 \|\| =1.8.12-r0 \|\| =1.8.14-r0 \|\| =1.8.15-r0 \|\| =1.8.16-r0 \|\| =1.8.3-r0 \|\| =1.8.4-r0 \|\| =1.8.6-r0 \|\| =1.8.7-r0 \|\| =1.8.8-r0 \|\| >=0 <1.11.29-r0	1.11.29-r0
alpine v3.8	py-django	=1.10.5-r0 \|\| =1.10.7-r0 \|\| =1.11-r0 \|\| =1.11-r1 \|\| =1.11.10-r0 \|\| =1.11.11-r0 \|\| =1.11.12-r0 \|\| =1.11.13-r0 \|\| =1.11.15-r0 \|\| =1.11.18-r0 \|\| =1.11.20-r0 \|\| =1.11.21-r0 \|\| =1.11.22-r0 \|\| =1.11.23-r0 \|\| =1.11.27-r0 \|\| =1.11.28-r0 \|\| =1.11.5-r0 \|\| =1.11.9-r0 \|\| =1.2.5-r0 \|\| =1.2.5-r1 \|\| =1.4.1-r0 \|\| =1.5-r0 \|\| =1.5.1-r0 \|\| =1.5.5-r0 \|\| =1.5.6-r0 \|\| =1.5.7-r0 \|\| =1.5.8-r0 \|\| =1.6.5-r0 \|\| =1.6.6-r0 \|\| =1.7-r0 \|\| =1.8-r0 \|\| =1.8.10-r0 \|\| =1.8.12-r0 \|\| =1.8.14-r0 \|\| =1.8.15-r0 \|\| =1.8.16-r0 \|\| =1.8.3-r0 \|\| =1.8.4-r0 \|\| =1.8.6-r0 \|\| =1.8.7-r0 \|\| =1.8.8-r0 \|\| >=0 <1.11.29-r0	1.11.29-r0
alpine v3.11	py3-django	=1.10.5-r0 \|\| =1.10.7-r0 \|\| =1.11-r0 \|\| =1.11-r1 \|\| =1.11.10-r0 \|\| =1.11.11-r0 \|\| =1.11.12-r0 \|\| =1.11.13-r0 \|\| =1.11.15-r0 \|\| =1.11.18-r0 \|\| =1.11.20-r0 \|\| =1.11.20-r1 \|\| =1.11.21-r0 \|\| =1.11.22-r0 \|\| =1.11.23-r0 \|\| =1.11.23-r1 \|\| =1.11.23-r2 \|\| =1.11.27-r0 \|\| =1.11.28-r0 \|\| =1.11.5-r0 \|\| =1.11.9-r0 \|\| =1.2.5-r0 \|\| =1.2.5-r1 \|\| =1.4.1-r0 \|\| =1.5-r0 \|\| =1.5.1-r0 \|\| =1.5.5-r0 \|\| =1.5.6-r0 \|\| =1.5.7-r0 \|\| =1.5.8-r0 \|\| =1.6.5-r0 \|\| =1.6.6-r0 \|\| =1.7-r0 \|\| =1.8-r0 \|\| =1.8.10-r0 \|\| =1.8.12-r0 \|\| =1.8.14-r0 \|\| =1.8.15-r0 \|\| =1.8.16-r0 \|\| =1.8.3-r0 \|\| =1.8.4-r0 \|\| =1.8.6-r0 \|\| =1.8.7-r0 \|\| =1.8.8-r0 \|\| >=0 <1.11.29-r0	1.11.29-r0
alpine v3.12	py3-django	=1.10.5-r0 \|\| =1.10.7-r0 \|\| =1.11-r0 \|\| =1.11-r1 \|\| =1.11.10-r0 \|\| =1.11.11-r0 \|\| =1.11.12-r0 \|\| =1.11.13-r0 \|\| =1.11.15-r0 \|\| =1.11.18-r0 \|\| =1.11.20-r0 \|\| =1.11.20-r1 \|\| =1.11.21-r0 \|\| =1.11.22-r0 \|\| =1.11.23-r0 \|\| =1.11.23-r1 \|\| =1.11.23-r2 \|\| =1.11.27-r0 \|\| =1.11.28-r0 \|\| =1.11.5-r0 \|\| =1.11.9-r0 \|\| =1.2.5-r0 \|\| =1.2.5-r1 \|\| =1.4.1-r0 \|\| =1.5-r0 \|\| =1.5.1-r0 \|\| =1.5.5-r0 \|\| =1.5.6-r0 \|\| =1.5.7-r0 \|\| =1.5.8-r0 \|\| =1.6.5-r0 \|\| =1.6.6-r0 \|\| =1.7-r0 \|\| =1.8-r0 \|\| =1.8.10-r0 \|\| =1.8.12-r0 \|\| =1.8.14-r0 \|\| =1.8.15-r0 \|\| =1.8.16-r0 \|\| =1.8.3-r0 \|\| =1.8.4-r0 \|\| =1.8.6-r0 \|\| =1.8.7-r0 \|\| =1.8.8-r0 \|\| >=0 <1.11.29-r0	1.11.29-r0
pypi	django	>=1.11 <1.11.29 \|\| >=2.2 <2.2.11 \|\| >=3.0 <3.0.4	1.11.29, 2.2.11, 3.0.4
debian 12	python-django	>=0 <2:2.2.11-1	2:2.2.11-1
debian 13	python-django	>=0 <2:2.2.11-1	2:2.2.11-1

1-10 of 11

Aliases

1. CVE-2020-94022. NVD-2020-94023. OSV-DEBIAN-2020-94024. OSV-2020-94025. OSV-ALPINE-2020-94026. GHSA-3gh2-xw74-jmcw7. GCVE-2020-94028. SECURITY-TRACKER-CVE-2020-94029. SECURITY-CVE-2020-940210. security.gentoo.org11. lists.debian.org

References

1. https://github.com/projectdiscovery/nuclei-templates/blob/main/dast/cves/2020/CVE-2020-9402.yaml2. https://github.com/django/django/commit/6695d29b1c1ce979725816295a26ecc64ae0e9273. https://www.djangoproject.com/weblog/2020/mar/04/security-releases4. https://www.debian.org/security/2020/dsa-47055. https://usn.ubuntu.com/4296-16. https://security.netapp.com/advisory/ntap-20200327-00047. https://lists.fedoraproject.org/archives/list/[email protected]/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY8. https://lists.fedoraproject.org/archives/list/[email protected]/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ9. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY10. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ11. https://groups.google.com/forum/#%21topic/django-announce/fLUh_pOaKrY12. https://groups.google.com/forum/#!topic/django-announce/fLUh_pOaKrY13. https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-36.yaml14. https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-345.yaml15. https://docs.djangoproject.com/en/3.0/releases/security

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.