Threat Advisory

CKAN has Unauthenticated SQL Injection and Authorization Bypass in datastore_search_sql

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

CVE-2026-42031 with a CVSS score of 8.3 is a high-severity vulnerability affecting CKAN, a popular open-source data management system, specifically impacting versions prior to 2.10.10 and between 2.11.0 and 2.11.4. The vulnerability, resulting from improper neutralization of special elements in an SQL command, lies in the `datastore_search_sql` function, which allows unauthenticated attackers to inject SQL and gain unauthorized access to private resources and PostgreSQL system information. An attacker can exploit this vulnerability by sending a specially crafted request to the `datastore_search_sql` function, requiring no privileged access, thereby enabling them to access sensitive data and system information. The attacker gains the capability to extract and manipulate sensitive data, potentially leading to business impact and consequences such as data breaches, unauthorized access, and reputational damage. Successful exploitation is possible in scenarios where the DataStore SQL search is enabled and the `ckan.datastore.sqlsearch.enabled` configuration setting is not properly set or restricted, and the `IAuthFunctions` plugin is not implemented to prevent or limit abuse.

RECOMMENDATION:

We recommend updating CKAN to version 2.10.10 or 2.11.5.
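
A triage check for the two conditions named in the summary, as an added example that is not code from this advisory or from the CKAN project: it reports an instance as exposed when its version is in the affected ranges and `ckan.datastore.sqlsearch.enabled` is switched on. The `[app:main]` section name, the accepted boolean spellings, treating a missing key as disabled, and the sample INI text are assumptions.

```python
import configparser
import re

# Affected ranges as stated in the advisory: < 2.10.10, and 2.11.0 through 2.11.4.
FIXED_2_10 = (2, 10, 10)
AFFECTED_2_11 = ((2, 11, 0), (2, 11, 4))
# Assumption: the usual INI spellings for "true".
TRUTHY = {"true", "yes", "on", "1", "y", "t"}

# Constructed sample configuration, not taken from a real deployment.
SAMPLE_INI = """\
[app:main]
ckan.plugins = datastore
ckan.datastore.sqlsearch.enabled = true
"""


def parse_version(text):
    """Return (major, minor, patch) from a string such as '2.10.9'."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(g or 0) for g in m.groups())


def version_affected(text):
    v = parse_version(text)
    return v < FIXED_2_10 or AFFECTED_2_11[0] <= v <= AFFECTED_2_11[1]


def sqlsearch_enabled(ini_text):
    # interpolation=None so values containing '%(here)s' do not raise.
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(ini_text)
    # Assumption: a missing key (or section) means SQL search is disabled.
    value = cp.get("app:main", "ckan.datastore.sqlsearch.enabled", fallback="false")
    return value.strip().lower() in TRUTHY


def triage(version, ini_text):
    """Combine both conditions into one of three verdicts."""
    if not version_affected(version):
        return "not-affected"
    return "exposed" if sqlsearch_enabled(ini_text) else "affected-sqlsearch-off"


if __name__ == "__main__":
    print(triage("2.11.3", SAMPLE_INI))
```

An `affected-sqlsearch-off` verdict still calls for the upgrade above, since the setting can be re-enabled later.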

REFERENCES:

The following reports contain further technical details:
https://github.com/advisories/GHSA-h7j7-3rx6-xvcg
