diff --git a/docs/en_US/release_notes_9_2.rst b/docs/en_US/release_notes_9_2.rst
index 0c8dc9297..6373d5f70 100644
--- a/docs/en_US/release_notes_9_2.rst
+++ b/docs/en_US/release_notes_9_2.rst
@@ -50,3 +50,4 @@ Bug fixes
 | `Issue #8577 `_ - Fixed an issue where the upgrade_check API returned an unexpected keyword argument 'cafile' due to changes in the urllib package supporting Python v3.13.
 | `Issue #8597 `_ - Fixed an issue where delete/rename was done on wrong file after sorting in Storage Manager.
 | `Issue #8602 `_ - Fixed an XSS vulnerability issue in the Query Tool and View/Edit Data (CVE-2025-2946).
+ | `Issue #8603 `_ - Fixed a remote code execution issue in the Query Tool and Cloud Deployment (CVE-2025-2945).
\ No newline at end of file
diff --git a/web/pgacloud/providers/google.py b/web/pgacloud/providers/google.py
index 86faae1f1..d7360c133 100644
--- a/web/pgacloud/providers/google.py
+++ b/web/pgacloud/providers/google.py
@@ -136,8 +136,12 @@ class GoogleProvider(AbsProvider):
 credentials = self._get_credentials(self._scopes)
 service = discovery.build('sqladmin', 'v1beta4', credentials=credentials)
- high_availability = \
- 'REGIONAL' if eval(args.high_availability) else 'ZONAL'
+
+ _high_availability = args.high_availability.lower() in ( 'true', '1') if isinstance(args.high_availability, str ) else args.high_availability
+
+ high_availability = 'REGIONAL' if _high_availability else 'ZONAL'
 db_password = self._database_password \
 if self._database_password is not None else args.db_password
diff --git a/web/pgadmin/tools/sqleditor/__init__.py b/web/pgadmin/tools/sqleditor/__init__.py
index ee68a2759..eb26bdfa5 100644
--- a/web/pgadmin/tools/sqleditor/__init__.py
+++ b/web/pgadmin/tools/sqleditor/__init__.py
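Review bot: The new `_high_availability` conversion maps every string other than 'true'/'1' to False, so a value such as 'True ' with stray whitespace or 'yes' silently provisions a ZONAL instance, where the removed eval() would at least have failed on unexpected input; the same pattern appears in the sqleditor hunk below for `query_commited`. Normalise with `.strip()` and reject anything outside the accepted set instead of defaulting it, e.g. `ha = args.high_availability` / `if isinstance(ha, str) and ha.strip().lower() not in ('true', '1', 'false', '0'):` / `    raise ValueError(f'unrecognised high_availability value: {ha!r}')` placed before the existing expression. Replacing eval() with an explicit parse is the right fix for the CVE-2025-2945 item the release note describes; what remains is a silent-misconfiguration risk, not a code-execution one. A leading underscore on a local (`_high_availability`) reads as a private attribute marker; a plain name such as `ha_enabled` would be clearer, and the `isinstance(..., str\n)` line break is hard to scan. The enclosing method starts before the hunk, so where `args` is parsed is not visible here.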
@@ -2156,7 +2156,8 @@ def start_query_download_tool(trans_id):
 sql = value
 if key == 'query_commited':
 query_commited = (
- eval(value) if isinstance(value, str) else value
+ value.lower() in ('true', '1') if isinstance( value, str) else value
 )
 if not sql:
 sql = trans_obj.get_sql(sync_conn)
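Review bot: The added expression splits `isinstance(` across two lines with `value, str)` on the continuation, inside an assignment that is already wrapped in parentheses, which makes the conditional hard to scan. A plain statement reads better and keeps the non-string passthrough explicit: `if isinstance(value, str):` / `    value = value.lower() in ('true', '1')` / `query_commited = value`. The enclosing function start_query_download_tool begins before the hunk, so the origin of `value` is not visible here; presumably it is request-supplied, in which case the explicit parse replacing eval() is the essential part of the change and a short comment such as `# request values arrive as strings; never evaluate them` would record why.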