Page 3 of 24 results (0.018 seconds)

CVSS: 9.8EPSS: 13%CPEs: 2EXPL: 3

CVE-2022-34265 – python-django: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments

https://notcve.org/view.php?id=CVE-2022-34265

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected. Se ha detectado un problema en Django versiones 3.2 anteriores a 3.2.14 y 4.0 anteriores a 4.0.6. Las funciones de base de datos Trunc() y Extract() están sujetas a inyección SQL si son usados datos no confiables como valor de kind/lookup_name. • https://github.com/aeyesec/CVE-2022-34265 https://github.com/ZhaoQi99/CVE-2022-34265 https://github.com/traumatising/CVE-2022-34265 https://docs.djangoproject.com/en/4.0/releases/security https://groups.google.com/forum/#%21forum/django-announce https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI https://security.ne • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2022-28347 – Django: SQL injection via QuerySet.explain(options) on PostgreSQL

https://notcve.org/view.php?id=CVE-2022-28347

A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name. Se ha detectado un problema de inyección SQL en la función QuerySet.explain() en Django versiones 2.2 anteriores a 2.2.28, 3.2 anteriores a 3.2.13 y 4.0 anteriores a 4.0.4. Esto ocurre al pasar un diccionario diseñado (con expansión de diccionario) como el argumento **options, y colocar una carga útil de inyección en un nombre de opción A flaw was found in the Django package, leading to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely. • http://www.openwall.com/lists/oss-security/2022/04/11/1 https://docs.djangoproject.com/en/4.0/releases/security https://groups.google.com/forum/#%21forum/django-announce https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI https://www.debian.org/security/2022/dsa-5254 https://www.djangoproject.com/weblog/2022/apr • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 4

CVE-2022-28346 – Django: SQL injection in QuerySet.annotate(),aggregate() and extra()

https://notcve.org/view.php?id=CVE-2022-28346

An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs. Se ha detectado un problema en Django versiones 2.2 anteriores a 2.2.28, 3.2 anteriores a 3.2.13 y 4.0 anteriores a 4.0.4. Los métodos QuerySet.annotate(), aggregate() y extra() están sujetos a inyección SQL en los alias de columna por medio de un diccionario diseñado (con expansión de diccionario) como los **kwargs pasados A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely. • https://github.com/DeEpinGh0st/CVE-2022-28346 https://github.com/YouGina/CVE-2022-28346 https://github.com/kamal-marouane/CVE-2022-28346 https://github.com/vincentinttsh/CVE-2022-28346 http://www.openwall.com/lists/oss-security/2022/04/11/1 https://docs.djangoproject.com/en/4.0/releases/security https://groups.google.com/forum/#%21forum/django-announce https://lists.debian.org/debian-lts-announce/2022/04/msg00013.html https://lists.fedoraproject.org/archives/list/package • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 0

CVE-2022-23833 – django: Denial-of-service possibility in file uploads

https://notcve.org/view.php?id=CVE-2022-23833

An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files. Se ha detectado un problema en MultiPartParser en Django versiones 2.2 anteriores a 2.2.27, 3.2 anteriores a 3.2.12 y 4.0 anteriores a 4.0.2. Pasar determinadas entradas a formularios multiparte podía resultar en un bucle infinito cuando eran analizados los archivos A flaw was found in Django. The issue occurs when passing certain inputs to multipart forms, resulting in an infinite loop when parsing files. • https://docs.djangoproject.com/en/4.0/releases/security https://github.com/django/django/commit/c477b761804984c932704554ad35f78a2e230c6a https://github.com/django/django/commit/d16133568ef9c9b42cb7a08bdf9ff3feec2e5468 https://github.com/django/django/commit/f9c7d48fdd6f198a6494a9202f90242f176e4fc9 https://groups.google.com/forum/#%21forum/django-announce https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV https://security.netapp.com/advisory/ntap-20220221-0003 https:/& • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 1

CVE-2022-22818 – django: Possible XSS via '{% debug %}' template tag

https://notcve.org/view.php?id=CVE-2022-22818

The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS. La etiqueta de plantilla {% debug %} en Django versiones 2.2 anteriores a 2.2.27, 3.2 anteriores a 3.2.12 y 4.0 anteriores a 4.0.2, no codifica correctamente el contexto actual. Esto puede conllevar a un ataque de tipo XSS A flaw was found in Django. The ``{% debug %}`` template tag did not properly encode the current context, posing a Cross-site scripting attack vector (XSS). • https://docs.djangoproject.com/en/4.0/releases/security https://groups.google.com/forum/#%21forum/django-announce https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV https://security.netapp.com/advisory/ntap-20220221-0003 https://www.debian.org/security/2022/dsa-5254 https://www.djangoproject.com/weblog/2022/feb/01/security-releases https://access.redhat.com/security/cve/CVE-2022-22818 https://bugzilla.redhat.com/show_bug • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •