Количество 9
Количество 9
CVE-2022-28346
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
CVE-2022-28346
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
CVE-2022-28346
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
CVE-2022-28346
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13 ...
GHSA-2gwj-7jmv-h26r
SQL Injection in Django
BDU:2022-02671
Уязвимость реализации методов QuerySet.annotate(), aggregate() и extra() программной платформы для веб-приложений Django, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
ROS-20220516-04
Множественные уязвимости Django
SUSE-SU-2024:2817-1
Security update for python-Django
openSUSE-SU-2023:0005-1
Security update for python-Django
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-28346 An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs. | CVSS3: 9.8 | 5% Низкий | почти 4 года назад |
 | CVE-2022-28346 An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs. | CVSS3: 9.4 | 5% Низкий | почти 4 года назад |
 | CVE-2022-28346 An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs. | CVSS3: 9.8 | 5% Низкий | почти 4 года назад |
| CVE-2022-28346 An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13 ... | CVSS3: 9.8 | 5% Низкий | почти 4 года назад |
| GHSA-2gwj-7jmv-h26r SQL Injection in Django | CVSS3: 9.8 | 5% Низкий | почти 4 года назад |
 | BDU:2022-02671 Уязвимость реализации методов QuerySet.annotate(), aggregate() и extra() программной платформы для веб-приложений Django, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации | CVSS3: 9.8 | 5% Низкий | почти 4 года назад |
 | ROS-20220516-04 Множественные уязвимости Django | больше 3 лет назад | ||
 | SUSE-SU-2024:2817-1 Security update for python-Django | больше 1 года назад | ||
| openSUSE-SU-2023:0005-1 Security update for python-Django | около 3 лет назад |
Уязвимостей на страницу