Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionGitHub Advisory
Summary
A SQL injection vulnerability in the Oracle path of FilterEngine.create_sqla_query allows any authenticated Rucio user to execute arbitrary SQL against the backend database through the DID search endpoint (GET /dids/<scope>/dids/search). Attacker-controlled filter keys and values are interpolated directly into sqlalchemy.text via Python str.format, completely bypassing parameterization. This enables full database compromise including extraction of authentication tokens, password hashes, and all managed data identifiers. The vulnerability is affecting deployments using the default metadata plugin configuration json_meta with Oracle database backends.
Details
*Will follow in two weeks (2025-05-19).*
Impact
Vulnerability type: SQL Injection (CWE-89)
Who is impacted:
- All Oracle-based Rucio deployments using the default metadata plugin configuration (
json_meta). - *Not affected* are PostgreSQL/MySQL deployments using the default
json_metaplugin (SQLAlchemy parameterizes the JSON path operations via bind parameters on non-Oracle dialects).
What an attacker can do:
- Full database read access: Extract any table including
identities(password hashes and salts),tokens(active authentication sessions),accounts(user enumeration),rse_settings(storage endpoint credentials), andrules(data management policies). - Password hash extraction: Combined with Rucio's use of single-iteration SHA-256 for password hashing (no KDF), extracted hashes can be cracked at GPU speed.
- Authentication token theft: Active bearer tokens can be extracted and used for immediate session hijacking.
- Data modification: Oracle PL/SQL enables
INSERT/UPDATE/DELETEoperations via DML within subqueries and PL/SQL blocks. - Potential remote code execution: Via Oracle's
UTL_HTTP,DBMS_SCHEDULER, or Java stored procedures if the database user has elevated privileges.
Required attacker privileges: Any authenticated Rucio user. Authentication tokens can be obtained via any supported method (userpass, x509, OIDC, SAML, SSH, GSS). No special roles or administrative permissions are required. The GET /dids/<scope>/dids/search endpoint is available to all authenticated users.
AnalysisAI
SQL injection in Rucio's DID search API allows any authenticated user to execute arbitrary SQL on Oracle database backends, enabling complete database compromise. The vulnerability affects Rucio versions 1.27.0 through 40.1.0 when deployed with Oracle databases using the default json_meta plugin. Attackers can extract authentication tokens, password hashes (SHA-256 single-iteration, GPU-crackable), storage credentials, and all managed data. Data modification and potential remote code execution via Oracle PL/SQL features are possible. Vendor-confirmed vulnerability with patches released across four version branches. PostgreSQL and MySQL deployments are not affected due to proper SQLAlchemy parameterization on those database dialects.
Technical ContextAI
Rucio is a scientific data management system used by CERN and other research organizations to manage exabyte-scale distributed datasets. The vulnerability exists in FilterEngine.create_sqla_query where user-supplied filter keys and values from the DID (Data Identifier) search endpoint are directly interpolated into sqlalchemy.text objects using Python str.format instead of parameterized queries. This is a textbook CWE-89 SQL injection where the Oracle JSON path implementation bypasses SQLAlchemy's built-in parameter binding. The affected CPE is pkg:pip/rucio across multiple version ranges. Oracle database's JSON_VALUE and JSON_QUERY functions, combined with PL/SQL capabilities, provide extensive attack surface beyond simple SELECT statements. The vulnerability is specific to Oracle's SQL dialect implementation in the json_meta metadata plugin - PostgreSQL and MySQL use properly parameterized JSONB/JSON operators that prevent injection.
RemediationAI
Upgrade Rucio immediately based on your current version branch: if running 1.27.0-35.x, upgrade to 35.8.5 or later; if running 36.0-38.x, upgrade to 38.5.5 or later; if running 39.0-39.x, upgrade to 39.4.2 or later; if running 40.0-40.x, upgrade to 40.1.1 or later. Patches available via PyPI (pip install --upgrade rucio) and GitHub releases at https://github.com/rucio/rucio. If immediate patching is not feasible, implement these compensating controls with noted trade-offs: (1) Disable the DID search endpoint (GET /dids/<scope>/dids/search) at the reverse proxy/API gateway level - this breaks metadata search functionality for all users; (2) Implement strict input validation at the proxy layer allowing only alphanumeric characters in filter parameters - may break legitimate searches using special characters; (3) Rotate all authentication tokens and force password resets for all users post-patching since existing credentials may have been compromised; (4) Audit Oracle database user privileges and revoke UTL_HTTP, DBMS_SCHEDULER, and Java stored procedure execution rights if not required - reduces RCE risk but may impact legitimate database operations. Review database audit logs for suspicious JSON_VALUE/JSON_QUERY operations with unusual WHERE clauses or UNION statements as potential indicators of exploitation attempts.
More in PostgreSQL
View allPostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() improperl
An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl
Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows re
Unauthenticated arbitrary file write in Splunk Enterprise (below 10.2.4 and 10.0.7) and Splunk Cloud Platform (below 10.
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allow
The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate t
A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitra
In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_serve
## Summary An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query strin
Parse Server is an open source http web server backend. Rated critical severity (CVSS 10.0), this vulnerability is remot
Hard-coded default PostgreSQL credentials shipped in the docker-compose.yaml of langgenius Dify through version 1.5.1 al
A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-27869
GHSA-vjr5-c9qv-hgm3