vulnerability

Oracle Linux: CVE-2024-42005: ELSA-2024-12803: Oracle Linux Automation Manager 2.2 (MODERATE) (Multiple Advisories)

Severity: 7
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published: 2024-08-06
Added: 2024-11-11
Modified: 2024-12-17

Description

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.
A flaw was found in Django. The QuerySet.values() and QuerySet.values_list() methods on models with a JSONField were subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.

Solution(s)

oracle-linux-upgrade-ansible-collection-ansible-posix
oracle-linux-upgrade-ansible-collection-community-crypto
oracle-linux-upgrade-ansible-collection-community-postgresql
oracle-linux-upgrade-ansible-collection-mdellweg-filters
oracle-linux-upgrade-ansible-collection-pulp-pulp-installer
oracle-linux-upgrade-ansible-role-postgresql
oracle-linux-upgrade-dumb-init
oracle-linux-upgrade-ol-automation-manager
oracle-linux-upgrade-ol-automation-manager-cli
oracle-linux-upgrade-ol-private-automation-hub-installer
oracle-linux-upgrade-pulpcore-selinux
oracle-linux-upgrade-python3-11-aiodns
oracle-linux-upgrade-python3-11-aiofiles
oracle-linux-upgrade-python3-11-aiohttp
oracle-linux-upgrade-python3-11-aiosignal
oracle-linux-upgrade-python3-11-ansible-builder
oracle-linux-upgrade-python3-11-ansible-compat
oracle-linux-upgrade-python3-11-ansible-core
oracle-linux-upgrade-python3-11-ansible-lint
oracle-linux-upgrade-python3-11-asgiref
oracle-linux-upgrade-python3-11-asyncio-throttle
oracle-linux-upgrade-python3-11-async-lru
oracle-linux-upgrade-python3-11-async-timeout
oracle-linux-upgrade-python3-11-attrs
oracle-linux-upgrade-python3-11-awscrt
oracle-linux-upgrade-python3-11-backoff
oracle-linux-upgrade-python3-11-bindep
oracle-linux-upgrade-python3-11-black
oracle-linux-upgrade-python3-11-bleach
oracle-linux-upgrade-python3-11-bleach-allowlist
oracle-linux-upgrade-python3-11-boto3
oracle-linux-upgrade-python3-11-botocore
oracle-linux-upgrade-python3-11-bracex
oracle-linux-upgrade-python3-11-brotli
oracle-linux-upgrade-python3-11-build
oracle-linux-upgrade-python3-11-certifi
oracle-linux-upgrade-python3-11-cffi
oracle-linux-upgrade-python3-11-charset-normalizer
oracle-linux-upgrade-python3-11-click
oracle-linux-upgrade-python3-11-colorama
oracle-linux-upgrade-python3-11-cryptography
oracle-linux-upgrade-python3-11-dateutil
oracle-linux-upgrade-python3-11-defusedxml
oracle-linux-upgrade-python3-11-deprecated
oracle-linux-upgrade-python3-11-diff-match-patch
oracle-linux-upgrade-python3-11-distro
oracle-linux-upgrade-python3-11-django
oracle-linux-upgrade-python3-11-django-auth-ldap
oracle-linux-upgrade-python3-11-django-filter
oracle-linux-upgrade-python3-11-django-guid
oracle-linux-upgrade-python3-11-django-import-export
oracle-linux-upgrade-python3-11-django-ipware
oracle-linux-upgrade-python3-11-django-lifecycle
oracle-linux-upgrade-python3-11-django-picklefield
oracle-linux-upgrade-python3-11-django-prometheus
oracle-linux-upgrade-python3-11-djangorestframework
oracle-linux-upgrade-python3-11-djangorestframework-queryfields
oracle-linux-upgrade-python3-11-drf-access-policy
oracle-linux-upgrade-python3-11-drf-nested-routers
oracle-linux-upgrade-python3-11-drf-spectacular
oracle-linux-upgrade-python3-11-dynaconf
oracle-linux-upgrade-python3-11-et-xmlfile
oracle-linux-upgrade-python3-11-filelock
oracle-linux-upgrade-python3-11-flake8
oracle-linux-upgrade-python3-11-frozenlist
oracle-linux-upgrade-python3-11-future
oracle-linux-upgrade-python3-11-galaxy-importer
oracle-linux-upgrade-python3-11-galaxy-ng
oracle-linux-upgrade-python3-11-gitdb
oracle-linux-upgrade-python3-11-gitpython
oracle-linux-upgrade-python3-11-gnupg
oracle-linux-upgrade-python3-11-googleapis-common-protos
oracle-linux-upgrade-python3-11-grpcio
oracle-linux-upgrade-python3-11-gunicorn
oracle-linux-upgrade-python3-11-idna
oracle-linux-upgrade-python3-11-importlib-metadata
oracle-linux-upgrade-python3-11-inflection
oracle-linux-upgrade-python3-11-insights-analytics-collector
oracle-linux-upgrade-python3-11-jinja2
oracle-linux-upgrade-python3-11-jmespath
oracle-linux-upgrade-python3-11-jsonschema
oracle-linux-upgrade-python3-11-ldap
oracle-linux-upgrade-python3-11-markdown
oracle-linux-upgrade-python3-11-markdown-it-py
oracle-linux-upgrade-python3-11-markuppy
oracle-linux-upgrade-python3-11-markupsafe
oracle-linux-upgrade-python3-11-marshmallow
oracle-linux-upgrade-python3-11-mccabe
oracle-linux-upgrade-python3-11-mdurl
oracle-linux-upgrade-python3-11-multidict
oracle-linux-upgrade-python3-11-mypy-extensions
oracle-linux-upgrade-python3-11-naya
oracle-linux-upgrade-python3-11-oauthlib
oracle-linux-upgrade-python3-11-odfpy
oracle-linux-upgrade-python311-olamkit
oracle-linux-upgrade-python3-11-openpyxl
oracle-linux-upgrade-python3-11-opentelemetry-api
oracle-linux-upgrade-python3-11-opentelemetry-distro
oracle-linux-upgrade-python3-11-opentelemetry-exporter-otlp
oracle-linux-upgrade-python3-11-opentelemetry-exporter-otlp-proto-common
oracle-linux-upgrade-python3-11-opentelemetry-exporter-otlp-proto-grpc
oracle-linux-upgrade-python3-11-opentelemetry-exporter-otlp-proto-http
oracle-linux-upgrade-python3-11-opentelemetry-instrumentation
oracle-linux-upgrade-python3-11-opentelemetry-instrumentation-django
oracle-linux-upgrade-python3-11-opentelemetry-instrumentation-wsgi
oracle-linux-upgrade-python3-11-opentelemetry-proto
oracle-linux-upgrade-python3-11-opentelemetry-sdk
oracle-linux-upgrade-python3-11-opentelemetry-semantic-conventions
oracle-linux-upgrade-python3-11-opentelemetry-util-http
oracle-linux-upgrade-python3-11-packaging
oracle-linux-upgrade-python3-11-parsley
oracle-linux-upgrade-python3-11-pathspec
oracle-linux-upgrade-python3-11-pbr
oracle-linux-upgrade-python3-11-pillow
oracle-linux-upgrade-python3-11-pipdeptree
oracle-linux-upgrade-python3-11-pip-tools
oracle-linux-upgrade-python3-11-platformdirs
oracle-linux-upgrade-python3-11-prometheus-client
oracle-linux-upgrade-python3-11-protobuf
oracle-linux-upgrade-python3-11-psycopg
oracle-linux-upgrade-python3-11-psycopg-c
oracle-linux-upgrade-python3-11-psycopg-pool
oracle-linux-upgrade-python3-11-pulp-ansible
oracle-linux-upgrade-python3-11-pulp-container
oracle-linux-upgrade-python3-11-pulpcore
oracle-linux-upgrade-python3-11-pulp-glue
oracle-linux-upgrade-python3-11-pyasn1
oracle-linux-upgrade-python3-11-pyasn1-modules
oracle-linux-upgrade-python3-11-pycares
oracle-linux-upgrade-python3-11-pycodestyle
oracle-linux-upgrade-python3-11-pycparser
oracle-linux-upgrade-python3-11-pycryptodomex
oracle-linux-upgrade-python3-11-pyflakes
oracle-linux-upgrade-python3-11-pygments
oracle-linux-upgrade-python3-11-pygtrie
oracle-linux-upgrade-python3-11-pyjwkest
oracle-linux-upgrade-python3-11-pyjwt
oracle-linux-upgrade-python3-11-pyparsing
oracle-linux-upgrade-python3-11-pyproject-hooks
oracle-linux-upgrade-python3-11-pyrsistent
oracle-linux-upgrade-python3-11-python3-openid
oracle-linux-upgrade-python3-11-pytz
oracle-linux-upgrade-python3-11-pyyaml
oracle-linux-upgrade-python3-11-redis
oracle-linux-upgrade-python3-11-requests
oracle-linux-upgrade-python3-11-requests-oauthlib
oracle-linux-upgrade-python3-11-requirements-parser
oracle-linux-upgrade-python3-11-resolvelib
oracle-linux-upgrade-python3-11-rich
oracle-linux-upgrade-python3-11-ruamel-yaml
oracle-linux-upgrade-python3-11-ruamel-yaml-clib
oracle-linux-upgrade-python3-11-s3transfer
oracle-linux-upgrade-python3-11-semantic-version
oracle-linux-upgrade-python3-11-setproctitle
oracle-linux-upgrade-python3-11-setuptools-scm
oracle-linux-upgrade-python3-11-six
oracle-linux-upgrade-python3-11-smmap
oracle-linux-upgrade-python3-11-social-auth-app-django
oracle-linux-upgrade-python3-11-social-auth-core
oracle-linux-upgrade-python3-11-sqlparse
oracle-linux-upgrade-python3-11-subprocess-tee
oracle-linux-upgrade-python3-11-tablib
oracle-linux-upgrade-python3-11-tomli
oracle-linux-upgrade-python3-11-types-cryptography
oracle-linux-upgrade-python3-11-types-setuptools
oracle-linux-upgrade-python3-11-typing-extensions
oracle-linux-upgrade-python3-11-uritemplate
oracle-linux-upgrade-python3-11-urllib3
oracle-linux-upgrade-python3-11-url-normalize
oracle-linux-upgrade-python3-11-uuid6
oracle-linux-upgrade-python3-11-wcmatch
oracle-linux-upgrade-python3-11-webencodings
oracle-linux-upgrade-python3-11-websockets
oracle-linux-upgrade-python3-11-whitenoise
oracle-linux-upgrade-python3-11-wrapt
oracle-linux-upgrade-python3-11-xlrd
oracle-linux-upgrade-python3-11-xlwt
oracle-linux-upgrade-python3-11-yamllint
oracle-linux-upgrade-python3-11-yarl
oracle-linux-upgrade-python3-11-zipp
oracle-linux-upgrade-python-dateutil-doc
oracle-linux-upgrade-python-pip-tools-doc
oracle-linux-upgrade-receptor
oracle-linux-upgrade-supervisor