Showing 1 - 4 of 4

CVE-2022-34265

Status Candidate

Overview

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

Related Files

Red Hat Security Advisory 2022-8506-01: Posted Nov 17, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-8506-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include code execution, cross site scripting, denial of service, remote SQL injection, and traversal vulnerabilities.; tags | advisory, remote, denial of service, vulnerability, code execution, xss, sql injection; systems | linux, redhat; advisories | CVE-2021-37136, CVE-2021-37137, CVE-2022-22818, CVE-2022-24836, CVE-2022-25648, CVE-2022-29970, CVE-2022-32209, CVE-2022-34265; SHA-256 | 2d5699b272bf62135c49021ecfc5e70e3ef3e624c94ce2a33e3c23d5cd96ba6d; Download | Favorite | View

Debian Security Advisory 5254-1: Posted Oct 15, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5254-1 - Multiple security issues were found in Django, a Python web development framework, which could result in denial of service, SQL injection or cross-site scripting.; tags | advisory, web, denial of service, xss, sql injection, python; systems | linux, debian; advisories | CVE-2022-22818, CVE-2022-23833, CVE-2022-28346, CVE-2022-28347, CVE-2022-34265, CVE-2022-36359, CVE-2022-41323; SHA-256 | f1deaa074be2780bc47f540868f469aef9215c48a81c548946be8c4d1bf75ee6; Download | Favorite | View

Red Hat Security Advisory 2022-5738-01: Posted Aug 4, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5738-01 - Red Hat Update Infrastructure offers a highly scalable, highly redundant framework that enables you to manage repositories and content. It also enables cloud providers to deliver content and updates to Red Hat Enterprise Linux instances. Issues addressed include a remote SQL injection vulnerability.; tags | advisory, remote, sql injection; systems | linux, redhat; advisories | CVE-2022-34265; SHA-256 | 7e41a316501851fd6f3baf50dd0a4b9e4248d91642db6933d2ed534c86b736c1; Download | Favorite | View

Ubuntu Security Notice USN-5501-1: Posted Jul 4, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5501-1 - It was discovered that Django incorrectly handled certain SQL. An attacker could possibly use this issue to expose sensitive information.; tags | advisory; systems | linux, ubuntu; advisories | CVE-2022-34265; SHA-256 | 4226740ffbdef1621e074a3b90f2515414d0c57aaa3e50985b920fb14506e04c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 293 files
Ubuntu 64 files
Debian 22 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,175)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,140)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,480)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,022)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2022-34265

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems