Lucene search
FreeBSD1685144E-63FF-11EA-A93A-080027846A02HistoryFeb 25, 2020 - 12:00 a.m.
Django -- potential SQL injection vulnerability
2020-02-2500:00:00
vuxml.freebsd.org
13
0.141 Low
EPSS
Percentile
95.7%
MITRE CVE reports:
Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4
allows SQL Injection if untrusted data is used as a tolerance parameter
in GIS functions and aggregates on Oracle. By passing a suitably crafted
tolerance to GIS functions and aggregates on Oracle, it was possible to
break escaping and inject malicious SQL.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | py27-django111 | < 1.11.29 | UNKNOWN |
| FreeBSD | any | noarch | py35-django111 | < 1.11.29 | UNKNOWN |
| FreeBSD | any | noarch | py36-django111 | < 1.11.29 | UNKNOWN |
| FreeBSD | any | noarch | py37-django111 | < 1.11.29 | UNKNOWN |
| FreeBSD | any | noarch | py38-django111 | < 1.11.29 | UNKNOWN |
| FreeBSD | any | noarch | py35-django22 | < 2.2.11 | UNKNOWN |
| FreeBSD | any | noarch | py36-django22 | < 2.2.11 | UNKNOWN |
| FreeBSD | any | noarch | py37-django22 | < 2.2.11 | UNKNOWN |
| FreeBSD | any | noarch | py38-django22 | < 2.2.11 | UNKNOWN |
| FreeBSD | any | noarch | py36-django30 | < 3.0.4 | UNKNOWN |
Related
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : Django vulnerability (USN-4296-1)
2020-03-06 00:00:00
FreeBSD : Django -- potential SQL injection vulnerability (1685144e-63ff-11ea-a93a-080027846a02)
2020-03-12 00:00:00
Debian DLA-3024-1 : python-django - LTS security update
2022-05-27 00:00:00
osv
osv
python-django - security update
2022-05-26 00:00:00
SQL injection in Django
2020-06-05 14:52:07
PYSEC-2020-36
2020-03-05 15:15:00
openvas
openvas
Django 1.11.x < 1.11.29, 2.2.x < 2.2.11, 3.0.x < 3.0.4 SQL Injection Vulnerability - Windows
2020-03-06 00:00:00
Debian: Security Advisory (DLA-3024-1)
2022-05-27 00:00:00
Ubuntu: Security Advisory (USN-4296-1)
2020-03-05 00:00:00
nuclei
nuclei
Django SQL Injection
2021-07-26 17:18:45
ubuntucve
ubuntucve
CVE-2020-9402
2020-03-04 00:00:00
cvelist
cvelist
CVE-2020-9402
2020-03-05 14:49:57
github
github
SQL injection in Django
2020-06-05 14:52:07
prion
prion
Sql injection
2020-03-05 15:15:00
cve
cve
CVE-2020-9402
2020-03-05 15:15:00
debian
debian
[SECURITY] [DLA 3024-1] python-django security update
2022-05-26 11:06:05
[SECURITY] [DSA 4705-1] python-django security update
2020-06-18 08:51:53
[SECURITY] [DSA 4705-1] python-django security update
2020-06-18 08:52:14
redhatcve
redhatcve
CVE-2020-9402
2020-03-04 14:41:07
debiancve
debiancve
CVE-2020-9402
2020-03-05 15:15:00
ubuntu
ubuntu
Django vulnerability
2020-03-04 00:00:00
veracode
veracode
SQL Injection
2020-03-05 05:52:41
archlinux
archlinux
[ASA-202003-5] python-django: sql injection
2020-03-08 00:00:00
alpinelinux
alpinelinux
CVE-2020-9402
2020-03-05 15:15:00
altlinux
altlinux
fedora
fedora
[SECURITY] Fedora 32 Update: python-django-3.0.7-1.fc32
2020-06-19 01:05:39
[SECURITY] Fedora 31 Update: python-django-2.2.13-1.fc31
2020-06-19 01:07:50
gentoo
gentoo
Django: Multiple vulnerabilities
2020-04-30 00:00:00
redhat
redhat
(RHSA-2021:1313) Moderate: Satellite 6.9 Release
2021-04-21 12:43:38