SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

OVAL

py-django: Potential SQL injection via tolerance parameter in GIS functions and aggregates on Oracle (CVE-2020-9402)

ID: oval:org.secpod.oval:def:1801684	Date: (C)2020-03-20 (M)2023-11-10
Class: PATCH	Family: unix

A flaw was found in Django in a way that GIS functions and aggregates on Oracle were subject to SQL injection, using a suitably crafted tolerance. Fixed In Version: Django 1.11.29

Platform:

Alpine Linux 3.10

Alpine Linux 3.11

Alpine Linux 3.8

Alpine Linux 3.9

Product:

py3-django

Reference:

11288

CVE-2020-9402


30430



423868



247621



909



194512



282