Количество 8
Количество 8
CVE-2024-53908
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)
CVE-2024-53908
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)
CVE-2024-53908
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)
CVE-2024-53908
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, ...
GHSA-m9g8-fxxm-xg86
Django SQL injection in HasKey(lhs, rhs) on Oracle
BDU:2024-10874
Уязвимость класса django.db.models.fields.json.HasKey программной платформы для веб-приложений Django, позволяющая нарушителю выполнить произвольный SQL-код
SUSE-SU-2024:4285-1
Security update for python-Django
ROS-20250127-01
Множественные уязвимости python3-django
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-53908 An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.) | CVSS3: 9.8 | 0% Низкий | 7 месяцев назад |
 | CVE-2024-53908 An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.) | CVSS3: 9.1 | 0% Низкий | 7 месяцев назад |
 | CVE-2024-53908 An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.) | CVSS3: 9.8 | 0% Низкий | 7 месяцев назад |
| CVE-2024-53908 An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, ... | CVSS3: 9.8 | 0% Низкий | 7 месяцев назад |
| GHSA-m9g8-fxxm-xg86 Django SQL injection in HasKey(lhs, rhs) on Oracle | CVSS3: 9.8 | 0% Низкий | 7 месяцев назад |
 | BDU:2024-10874 Уязвимость класса django.db.models.fields.json.HasKey программной платформы для веб-приложений Django, позволяющая нарушителю выполнить произвольный SQL-код | CVSS3: 9.1 | 0% Низкий | 7 месяцев назад |
 | SUSE-SU-2024:4285-1 Security update for python-Django | 6 месяцев назад | ||
 | ROS-20250127-01 Множественные уязвимости python3-django | CVSS3: 9.1 | 5 месяцев назад |
Уязвимостей на страницу