exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2022-34265

больше 3 лет назад

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

CVSS3: 9.8

EPSS: Критический

CVE-2022-34265

больше 3 лет назад

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

CVSS3: 9.8

EPSS: Критический

CVE-2022-34265

больше 3 лет назад

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

CVSS3: 9.8

EPSS: Критический

CVE-2022-34265

больше 3 лет назад

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0 ...

CVSS3: 9.8

EPSS: Критический

GHSA-p64x-8rxx-wf6q

больше 3 лет назад

Django `Trunc()` and `Extract()` database functions vulnerable to SQL Injection

CVSS3: 9.8

EPSS: Критический

BDU:2022-04199

больше 3 лет назад

Уязвимость функции Trunc/Extract фреймворка для веб-разработки Django, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

CVSS3: 6.3

EPSS: Критический

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-34265 An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.	CVSS3: 9.8	93% Критический	больше 3 лет назад
CVE-2022-34265 An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.	CVSS3: 9.8	93% Критический	больше 3 лет назад
CVE-2022-34265 An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.	CVSS3: 9.8	93% Критический	больше 3 лет назад
CVE-2022-34265 An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0 ...	CVSS3: 9.8	93% Критический	больше 3 лет назад
GHSA-p64x-8rxx-wf6q Django `Trunc()` and `Extract()` database functions vulnerable to SQL Injection	CVSS3: 9.8	93% Критический	больше 3 лет назад
BDU:2022-04199 Уязвимость функции Trunc/Extract фреймворка для веб-разработки Django, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации	CVSS3: 6.3	93% Критический	больше 3 лет назад

Уязвимостей на страницу