Description
Security update for python-Django
This update for python-Django fixes the following issues:
- CVE-2025-59681: Fixed a potential SQL injection in QuerySet.annotate(), alias(), aggregate(), and extra() on MySQL and MariaDB (boo#1250485)
- CVE-2025-59682: Fixed a potential partial directory-traversal via archive.extract() (boo#1250487)
Package list
openSUSE Leap 16.0
References
- SUSE Security Ratings
- SUSE Bug 1250485
- SUSE Bug 1250487
- SUSE CVE CVE-2025-59681 page
- SUSE CVE CVE-2025-59682 page
Description
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to these methods (on MySQL and MariaDB).
Affected products
References
- CVE-2025-59681
- SUSE Bug 1250485
Description
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory.
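The "common prefix" flaw described above, as an added illustration that is not Django's code: a plain string-prefix test accepts any extraction destination whose absolute path merely starts with the target directory string, while comparing commonpath() against the target confines members to that directory. The /srv/app target and the archive member names are constructed sample values.

```python
import posixpath

# Constructed sample: the directory an archive is being extracted into,
# plus member paths as they might appear inside a template archive.
TARGET_DIR = "/srv/app"
SAMPLE_MEMBERS = [
    "app/views.py",            # legitimate, inside the target
    "../app_extra/evil.py",    # escapes to a sibling sharing the prefix "/srv/app"
    "../../etc/passwd",        # classic traversal, no shared prefix
    "/srv/app/settings.py",    # absolute path that happens to land inside
]


def _destination(target_dir: str, member: str) -> str:
    """Resolve where a member would be written, collapsing '..' segments."""
    # posixpath is used so the result is the same on every platform.
    return posixpath.abspath(posixpath.join(target_dir, member))


def prefix_check(target_dir: str, member: str) -> bool:
    """Flawed containment test: a string prefix match.

    It wrongly accepts /srv/app_extra/evil.py for target /srv/app because
    the destination string starts with "/srv/app".
    """
    return _destination(target_dir, member).startswith(target_dir)


def commonpath_check(target_dir: str, member: str) -> bool:
    """Correct containment test: the common path of target and destination
    must be the target itself, so a sibling directory is rejected."""
    dest = _destination(target_dir, member)
    return posixpath.commonpath([target_dir, dest]) == target_dir


def check_members(target_dir: str, members: list[str]) -> list[tuple[str, bool, bool]]:
    """Return (member, prefix_check result, commonpath_check result) for each member."""
    return [
        (m, prefix_check(target_dir, m), commonpath_check(target_dir, m))
        for m in members
    ]


if __name__ == "__main__":
    for member, weak, strict in check_members(TARGET_DIR, SAMPLE_MEMBERS):
        print(f"{member:<24} prefix_check={weak!s:<5} commonpath_check={strict}")
```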
Affected products
References
- CVE-2025-59682
- SUSE Bug 1250487