CVE-2026-42031
HIGH SEVERITYVulnerability Description
CKAN has Unauthenticated SQL Injection and Authorization Bypass in `datastore_search_sql`
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
pip
Product
ckan
External References
- https://github.com/ckan/ckan/security/advisories/GHSA-h7j7-3rx6-xvcg
- https://docs.ckan.org/en/2.10/changelog.html#v-2-10-10-2026-04-29
- https://docs.ckan.org/en/2.11/changelog.html#v-2-11-5-2026-04-29
- https://docs.ckan.org/en/2.11/extensions/plugin-interfaces.html#ckan.plugins.interfaces.IAuthFunctions
- https://docs.ckan.org/en/2.11/maintaining/configuration.html#ckan-datastore-sqlsearch-enabled
- https://github.com/advisories/GHSA-h7j7-3rx6-xvcg
Discussion (0)
Add Comment
No comments yet. Be the first!