exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

CVE-2025-13372

2 месяца назад

An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. `FilteredRelation` is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the `**kwargs` passed to `QuerySet.annotate()` or `QuerySet.alias()` on PostgreSQL. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Stackered for reporting this issue.

CVSS3: 4.3

EPSS: Низкий

CVE-2025-13372

2 месяца назад

An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. `FilteredRelation` is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the `**kwargs` passed to `QuerySet.annotate()` or `QuerySet.alias()` on PostgreSQL. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Stackered for reporting this issue.

CVSS3: 4.3

EPSS: Низкий

CVE-2025-13372

2 месяца назад

An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4. ...

CVSS3: 4.3

EPSS: Низкий

ROS-20260129-73-0044

6 дней назад

Уязвимость python-django

CVSS3: 4.3

EPSS: Низкий

GHSA-rqw2-ghq9-44m7

2 месяца назад

Django is vulnerable to SQL injection in column aliases

CVSS3: 4.3

EPSS: Низкий

SUSE-SU-2025:4384-1

около 2 месяцев назад

Security update for python-Django

EPSS: Низкий

openSUSE-SU-2025:20153-1

около 2 месяцев назад

Security update for python-Django

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-13372 An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. `FilteredRelation` is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the `**kwargs` passed to `QuerySet.annotate()` or `QuerySet.alias()` on PostgreSQL. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Stackered for reporting this issue.	CVSS3: 4.3	0% Низкий	2 месяца назад
CVE-2025-13372 An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. `FilteredRelation` is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the `**kwargs` passed to `QuerySet.annotate()` or `QuerySet.alias()` on PostgreSQL. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Stackered for reporting this issue.	CVSS3: 4.3	0% Низкий	2 месяца назад
CVE-2025-13372 An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4. ...	CVSS3: 4.3	0% Низкий	2 месяца назад
ROS-20260129-73-0044 Уязвимость python-django	CVSS3: 4.3	0% Низкий	6 дней назад
GHSA-rqw2-ghq9-44m7 Django is vulnerable to SQL injection in column aliases	CVSS3: 4.3	0% Низкий	2 месяца назад
SUSE-SU-2025:4384-1 Security update for python-Django			около 2 месяцев назад
openSUSE-SU-2025:20153-1 Security update for python-Django			около 2 месяцев назад

Уязвимостей на страницу