Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in HEAD commit: fa78c290b18d8c7476e9917df4bc7dd046917971

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/core/files/storage.py

Vulnerability Details

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.

Publish Date: 2020-09-01

URL: CVE-2020-24583

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://www.djangoproject.com/weblog/2020/sep/01/security-releases/

Release Date: 2020-09-01

Fix Resolution: 2.2.16,3.0.10,3.1.1

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/urls/resolvers.py

Vulnerability Details

In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.

Publish Date: 2021-12-08

URL: CVE-2021-44420

CVSS 3 Score Details (7.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: Low

Suggested Fix

Type: Upgrade version

Origin: https://docs.djangoproject.com/en/3.2/releases/security/

Release Date: 2021-12-08

Fix Resolution: Django - 2.2.25,3.1.14,3.2.10

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/db/models/sql/query.py

Vulnerability Details

An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.

Publish Date: 2022-04-12

URL: CVE-2022-28346

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2022-04-12

Fix Resolution: Django - 2.2.28,3.2.13,4.0.4

Vulnerable Library - sqlparse0.4.1

A non-validating SQL parser module for Python

Library home page: https://github.com/andialbrecht/sqlparse.git

Found in HEAD commit: fa78c290b18d8c7476e9917df4bc7dd046917971

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/sqlparse/keywords.py

Vulnerability Details

sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit e75e358. The vulnerability may lead to Denial of Service (DoS). This issues has been fixed in sqlparse 0.4.4 by commit c457abd5f. Users are advised to upgrade. There are no known workarounds for this issue.

Publish Date: 2023-04-18

URL: CVE-2023-30608

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-rrm6-wvj7-cwh2

Release Date: 2023-04-18

Fix Resolution: sqlparse - 0.4.4

Vulnerable Library - sqlparse0.4.1

A non-validating SQL parser module for Python

Library home page: https://github.com/andialbrecht/sqlparse.git

Found in HEAD commit: fa78c290b18d8c7476e9917df4bc7dd046917971

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/sqlparse/filters/others.py

Vulnerability Details

sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of Service in sqlparse vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround don't use the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. The issues has been fixed in sqlparse 0.4.2.

Publish Date: 2021-09-20

URL: CVE-2021-32839

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-p5w8-wqhj-9hhf

Release Date: 2021-09-20

Fix Resolution: sqlparse - 0.4.2

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in HEAD commit: 0c3a2a788628ecaa3934633cb54922851409ef0e

Found in base branch: master

Vulnerability Details

In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffected because HttpResponse prohibits newlines in HTTP headers.

Publish Date: 2021-05-06

URL: CVE-2021-32052

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32052

Release Date: 2021-05-06

Fix Resolution: Django - 2.2.22,3.1.10,3.2.2

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in HEAD commit: fa78c290b18d8c7476e9917df4bc7dd046917971

Found in base branch: master

Vulnerability Details

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.

Publish Date: 2020-06-03

URL: CVE-2020-13596

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://www.djangoproject.com/weblog/2020/jun/03/security-releases/

Release Date: 2020-06-03

Fix Resolution: 3.0.7,2.2.13

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/http/multipartparser.py

Vulnerability Details

An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.

Publish Date: 2022-02-03

URL: CVE-2022-23833

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://www.djangoproject.com/weblog/2022/feb/01/security-releases/

Release Date: 2022-02-03

Fix Resolution: Django - 2.2.27,3.2.12,4.0.2

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/template/defaulttags.py

Vulnerability Details

The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS.

Publish Date: 2022-02-03

URL: CVE-2022-22818

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://www.djangoproject.com/weblog/2022/feb/01/security-releases/

Release Date: 2022-02-03

Fix Resolution: Django - 2.2.27,3.2.12,4.0.2

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/core/files/storage.py

Vulnerability Details

Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it.

Publish Date: 2022-01-05

URL: CVE-2021-45452

CVSS 3 Score Details (5.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/

Release Date: 2022-01-05

Fix Resolution: Django - 2.2.26,3.2.11,4.0.1

Vulnerable Library - sqlparse0.4.1

A non-validating SQL parser module for Python

Library home page: https://github.com/andialbrecht/sqlparse.git

Found in base branch: master

Vulnerability Details

Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.

Publish Date: 2024-04-30

URL: CVE-2024-4340

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2024-4340

Release Date: 2024-04-30

Fix Resolution: sqlparse - 0.5.0

Vulnerable Library - sqlparse0.4.1

A non-validating SQL parser module for Python

Library home page: https://github.com/andialbrecht/sqlparse.git

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/sqlparse/filters/others.py

Vulnerability Details

StripComments filter contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service)
The formatter function that strips comments from a SQL contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments.

Publish Date: 2021-09-10

URL: WS-2021-0369

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-p5w8-wqhj-9hhf

Release Date: 2021-09-10

Fix Resolution: sqlparse - 0.4.2

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in HEAD commit: fa78c290b18d8c7476e9917df4bc7dd046917971

Found in base branch: master

Vulnerability Details

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077.

Publish Date: 2020-09-01

URL: CVE-2020-24584

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://www.djangoproject.com/weblog/2020/sep/01/security-releases/

Release Date: 2020-09-01

Fix Resolution: 2.2.16,3.0.10,3.1.1

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/template/defaultfilters.py

Vulnerability Details

An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key.

Publish Date: 2022-01-05

URL: CVE-2021-45116

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/

Release Date: 2022-01-05

Fix Resolution: Django - 2.2.26,3.2.11,4.0.1

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in HEAD commit: 0c3a2a788628ecaa3934633cb54922851409ef0e

Found in base branch: master

Vulnerability Details

Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories.

Publish Date: 2021-06-08

URL: CVE-2021-33203

CVSS 3 Score Details (4.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://docs.djangoproject.com/en/3.2/releases/security/

Release Date: 2021-06-08

Fix Resolution: Django - 2.2.24, 3.1.12, 3.2.4

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in HEAD commit: ccd0ac7148a234fe0a7574b6aa14696509297c6b

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/http/multipartparser.py

Vulnerability Details

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.

Publish Date: 2021-04-06

URL: CVE-2021-28658

CVSS 3 Score Details (5.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28658

Release Date: 2021-04-06

Fix Resolution: django-2.2.20, 3.0.14, 3.1.8, 3.2

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in HEAD commit: 0c3a2a788628ecaa3934633cb54922851409ef0e

Found in base branch: master

Vulnerability Details

In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4_address and validate_ipv46_address are unaffected with Python 3.9.5+..) .

Publish Date: 2021-06-08

URL: CVE-2021-33571

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://www.djangoproject.com/weblog/2021/jun/02/security-releases/

Release Date: 2021-06-08

Fix Resolution: Django - 2.2.24, 3.1.12, 3.2.4

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/db/models/functions/datetime.py

Vulnerability Details

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

Publish Date: 2022-07-04

URL: CVE-2022-34265

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://www.djangoproject.com/weblog/2022/jul/04/security-releases/

Release Date: 2022-07-04

Fix Resolution: Django - 3.2.14,4.0.6

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/contrib/auth/password_validation.py

Vulnerability Details

An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack.

Publish Date: 2022-01-05

URL: CVE-2021-45115

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/

Release Date: 2022-01-05

Fix Resolution: Django - 2.2.26,3.2.11,4.0.1

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in HEAD commit: 0c3a2a788628ecaa3934633cb54922851409ef0e

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/core/files/storage.py

Vulnerability Details

In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.

Publish Date: 2021-05-05

URL: CVE-2021-31542

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://www.djangoproject.com/weblog/2021/may/04/security-releases/

Release Date: 2021-05-05

Fix Resolution: Django - 2.2.21,3.1.9,3.2.1

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in HEAD commit: fa78c290b18d8c7476e9917df4bc7dd046917971

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/core/cache/backends/memcached.py

Vulnerability Details

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.

Publish Date: 2020-06-03

URL: CVE-2020-13254

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://www.djangoproject.com/weblog/2020/jun/03/security-releases/

Release Date: 2020-06-03

Fix Resolution: 3.0.7,2.2.13

Vulnerable Library - django2.2.12

The Web framework for perfectionists with deadlines.

Library home page: https://github.com/django/django.git

Found in base branch: master

Vulnerable Source Files (1)

/thme/Django/venv/lib/python3.6/site-packages/django/db/models/sql/query.py

Vulnerability Details

A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name.

Publish Date: 2022-04-12

URL: CVE-2022-28347

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28347

Release Date: 2022-04-12

Fix Resolution: Django - 2.2.28,3.2.13,4.0.4