
CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list()

High
Internet Bug Bounty

Team Summary

Official summary from Internet Bug Bounty

### CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list()

QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg. Thanks to Eyal Gabay of EyalSec for the report. This issue has severity "high" according to the Django security policy.

Reported by eyalgabay

Vulnerability Details

Technical details and impact analysis

Hi IBB :) I found SQL injection in Django. You can see my CVE (CVE-2024-42005) here: https://www.djangoproject.com/weblog/2024/aug/06/security-releases/

## Impact

QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg. NVD rated the vulnerability severity as 9.8. https://nvd.nist.gov/vuln/detail/CVE-2024-42005

Related CVEs

Associated Common Vulnerabilities and Exposures

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Bounty

$4263.00

Submitted