exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2022-34265

почти 3 года назад

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

CVSS3: 9.8

EPSS: Критический

CVE-2022-34265

почти 3 года назад

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

CVSS3: 9.8

EPSS: Критический

CVE-2022-34265

почти 3 года назад

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

CVSS3: 9.8

EPSS: Критический

CVE-2022-34265

почти 3 года назад

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0 ...

CVSS3: 9.8

EPSS: Критический

GHSA-p64x-8rxx-wf6q

почти 3 года назад

Django `Trunc()` and `Extract()` database functions vulnerable to SQL Injection

CVSS3: 9.8

EPSS: Критический

BDU:2022-04199

около 3 лет назад

Уязвимость функции Trunc/Extract фреймворка для веб-разработки Django, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

CVSS3: 6.3

EPSS: Критический

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-34265 An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.	CVSS3: 9.8	93% Критический	почти 3 года назад
CVE-2022-34265 An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.	CVSS3: 9.8	93% Критический	почти 3 года назад
CVE-2022-34265 An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.	CVSS3: 9.8	93% Критический	почти 3 года назад
CVE-2022-34265 An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0 ...	CVSS3: 9.8	93% Критический	почти 3 года назад
GHSA-p64x-8rxx-wf6q Django `Trunc()` and `Extract()` database functions vulnerable to SQL Injection	CVSS3: 9.8	93% Критический	почти 3 года назад
BDU:2022-04199 Уязвимость функции Trunc/Extract фреймворка для веб-разработки Django, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации	CVSS3: 6.3	93% Критический	около 3 лет назад

Уязвимостей на страницу