CVE-2024-22199 – Django Template Engine Vulnerable to XSS
https://notcve.org/view.php?id=CVE-2024-22199
This package provides universal methods to use multiple template engines with the Fiber web framework through the Views interface. This vulnerability specifically impacts web applications that render user-supplied data through this template engine, potentially leading to the execution of malicious scripts in users' browsers when visiting affected web pages. The vulnerability has been addressed: the template engine now defaults to having autoescape set to `true`, effectively mitigating the risk of XSS attacks.

• https://github.com/gofiber/template/commit/28cff3ac4d4c117ab25b5396954676d624b6cb46
• https://github.com/gofiber/template/security/advisories/GHSA-4mq2-gc4j-cmw6

• CWE-20: Improper Input Validation
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
• CWE-116: Improper Encoding or Escaping of Output
CVE-2022-28347 – Django: SQL injection via QuerySet.explain(options) on PostgreSQL
https://notcve.org/view.php?id=CVE-2022-28347
A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name. A flaw was found in the Django package, leading to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely.

• http://www.openwall.com/lists/oss-security/2022/04/11/1
• https://docs.djangoproject.com/en/4.0/releases/security
• https://groups.google.com/forum/#%21forum/django-announce
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
• https://www.debian.org/security/2022/dsa-5254
• https://www.djangoproject.com/weblog/2022/apr

• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-28346 – Django: SQL injection in QuerySet.annotate(), aggregate() and extra()
https://notcve.org/view.php?id=CVE-2022-28346
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. The QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) passed as **kwargs. A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely.

• https://github.com/DeEpinGh0st/CVE-2022-28346
• https://github.com/YouGina/CVE-2022-28346
• https://github.com/kamal-marouane/CVE-2022-28346
• https://github.com/vincentinttsh/CVE-2022-28346
• http://www.openwall.com/lists/oss-security/2022/04/11/1
• https://docs.djangoproject.com/en/4.0/releases/security
• https://groups.google.com/forum/#%21forum/django-announce
• https://lists.debian.org/debian-lts-announce/2022/04/msg00013.html
• https://lists.fedoraproject.org/archives/list/package

• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-23833 – django: Denial-of-service possibility in file uploads
https://notcve.org/view.php?id=CVE-2022-23833
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files. A flaw was found in Django. The issue occurs when passing certain inputs to multipart forms, resulting in an infinite loop when parsing files.

• https://docs.djangoproject.com/en/4.0/releases/security
• https://github.com/django/django/commit/c477b761804984c932704554ad35f78a2e230c6a
• https://github.com/django/django/commit/d16133568ef9c9b42cb7a08bdf9ff3feec2e5468
• https://github.com/django/django/commit/f9c7d48fdd6f198a6494a9202f90242f176e4fc9
• https://groups.google.com/forum/#%21forum/django-announce
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
• https://security.netapp.com/advisory/ntap-20220221-0003

• CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2022-22818 – django: Possible XSS via '{% debug %}' template tag
https://notcve.org/view.php?id=CVE-2022-22818
The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS. A flaw was found in Django. The {% debug %} template tag did not properly encode the current context, posing a Cross-site scripting attack vector (XSS).

• https://docs.djangoproject.com/en/4.0/releases/security
• https://groups.google.com/forum/#%21forum/django-announce
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
• https://security.netapp.com/advisory/ntap-20220221-0003
• https://www.debian.org/security/2022/dsa-5254
• https://www.djangoproject.com/weblog/2022/feb/01/security-releases
• https://access.redhat.com/security/cve/CVE-2022-22818
• https://bugzilla.redhat.com/show_bug

• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')