23 matches found

IBM Security Bulletins
added 2025/12/29 3:26 a.m., 11 views

Security Bulletin: IBM Edge Data Collector uses django-4.2.25-py3-none-any.whl which is vulnerable to CVE-2025-64458, CVE-2025-64459.

Summary IBM Edge Data Collector uses django-4.2.25-py3-none-any.whl which is vulnerable to CVE-2025-64458, CVE-2025-64459. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-64458 DESCRIPTION: An issue was discovered in 5.1 before 5.1.14, 4.2...

9.1 CVSS, 7.8 AI score, 0.18752 EPSS
Exploits: 11, Affected Software: 1

OpenVAS
added 2025/12/18 12:0 a.m., 5 views

Fedora: Security Advisory (FEDORA-2025-24dfd3b072)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 8.6 AI score, 0.18752 EPSS
Exploits: 14, References: 2

OPENSUSE Linux
added 2025/12/12 12:0 a.m., 7 views

Security update for python-Django (important)

openSUSE security update: security update for python-django ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20153-1 Rating: important References: bsc1252926 bsc1254437 Cross-References: CVE-2025-13372 CVE-2025-64459 CVE-2025-64460 CVSS scores:...

7.5 CVSS, 8 AI score, 0.18752 EPSS
Exploits: 10, References: 2

GithubExploit
added 2025/12/11 11:55 a.m., 205 views

Exploit for SQL Injection in Djangoproject Django

CVE-2025-64459-Exploit-PoC CVE-2025-64459: Critical RCE in Dja...

9.1 CVSS, 8.8 AI score, 0.18752 EPSS
Exploits: 10

IBM Security Bulletins
added 2025/12/08 4:59 p.m., 10 views

Security Bulletin: Denial-of-service attack, SQL injection, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary IBM Storage Defender - Resiliency Service is vulnerable to denial-of-service attack, SQL injection, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-64458 DESCRIPTION: An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before...

9.1 CVSS, 7.6 AI score, 0.18752 EPSS
Exploits: 11, Affected Software: 1

GithubExploit
added 2025/12/05 3:38 a.m., 153 views

Exploit for SQL Injection in Djangoproject Django

CTF Challenge: Django ORM Injection CVE-2025-64459 Catego...

9.1 CVSS, 7.4 AI score, 0.18752 EPSS
Exploits: 10

Exploit DB
added 2025/12/03 12:0 a.m., 175 views

Django 5.1.13 - SQL Injection

Exploit Title: Django 5.1.13 - SQL Injection Google Dork: none Not applicable for this vulnerability Date: 2025-12-03 Exploit Author: Wafcontrol Security Team Vendor Homepage: https://www.djangoproject.com/ Software Link: https://www.djangoproject.com/download/ Version: 5.2 before 5.2.8, 5.1 befo...

9.1 CVSS, 7 AI score, 0.18752 EPSS
Exploits: 10

Information Security Automation
added 2025/11/26 11:24 a.m., 13 views

About SQL Injection – Django (CVE-2025-64459) vulnerability

About SQL Injection - Django CVE-2025-64459 vulnerability. Django is a free and open-source high-level Python web framework. The vulnerability allows attackers to manipulate database query logic by injecting internal query parameters connector and negated when applications pass user-controlled...

9.1 CVSS, 8.4 AI score, 0.18752 EPSS
Exploits: 10

GithubExploit
added 2025/11/21 10:13 p.m., 219 views

Exploit for SQL Injection in Djangoproject Django

Django-CVE-2025-64459-Testbed A self-contained testbed for Dj...

9.1 CVSS, 7.9 AI score, 0.18752 EPSS
Exploits: 10

OpenVAS
added 2025/11/17 12:0 a.m., 4 views

Mageia: Security Advisory (MGASA-2025-0292)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1 CVSS, 6.8 AI score, 0.18752 EPSS
Exploits: 10, References: 4

OSV
added 2025/11/14 12:39 p.m., 9 views

OESA-2025-2679 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. NFKC normalization in Python is slow on Windows. As a consequence,...

9.1 CVSS, 7.8 AI score, 0.18752 EPSS
Exploits: 11, References: 3

SUSE Linux
added 2025/11/14 9:3 a.m., 5 views

Security update for python-Django

This update for python-Django fixes the following issues: CVE-2025-64459: Fixed a potential SQL injection via the 'connector' keyword bsc1252926 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...

8.1 CVSS, 8.1 AI score, 0.18752 EPSS
Exploits: 10, References: 6

OSV
added 2025/11/14 9:3 a.m., 1 views

SUSE-SU-2025:4100-1 Security update for python-Django

This update for python-Django fixes the following issues: - CVE-2025-64459: Fixed a potential SQL injection via the 'connector' keyword bsc1252926...

9.1 CVSS, 7.2 AI score, 0.18752 EPSS
Exploits: 10, References: 4

RedhatCVE
added 2025/11/10 5:32 p.m., 7 views

CVE-2025-64459

An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. The methods QuerySet.filter, QuerySet.exclude, and QuerySet.get, and the class Q, are subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the connector argument...

9.1 CVSS, 7.5 AI score, 0.18752 EPSS
Exploits: 10, References: 7

OPENSUSE Linux
added 2025/11/06 12:0 a.m., 7 views

Security update for python-Django (important)

openSUSE Security Update: Security update for python-Django Announcement ID: openSUSE-SU-2025:0421-1 Rating: important References: 1252926 Cross-References: CVE-2025-64459 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: This...

9.1 CVSS, 8.1 AI score, 0.18752 EPSS
Exploits: 10, References: 1

vulnersOsv
added 2025/11/05 3:47 p.m., 2 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +509 more potentially affected by CVE-2025-64459 via django (>=4.0.0 <=4.2.25)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =65.10.0, =65.10.3 and more Source cves: CVE-2025-64459 Source advisory: SNYK:PYTHON-DJANGO-13836728...

9.1 CVSS, 7.4 AI score, 0.18752 EPSS
Exploits: 10

vulnersOsv
added 2025/11/05 3:47 p.m., 1 views

11x-wagtail-blog (>=0.0.0 <=0.2.0), aldryn-django (>=5.0.2.0 <=5.0.11.0) +254 more potentially affected by CVE-2025-64459 via django (>=5.0.0 <=5.1.13)

django PYPI version =5.0.0, =0.0.0, =5.0.2.0, =0.0.15, =1.14.3, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =0.1.0, =0.2.5 and more Source cves: CVE-2025-64459 Source advisory: SNYK:PYTHON-DJANGO-13836728...

9.1 CVSS, 7.2 AI score, 0.18752 EPSS
Exploits: 10

vulnersOsv
added 2025/11/05 3:31 p.m., 2 views

a3m (=0.1.0), aa-charlink (>=0.1.1 <=1.0.0) +2522 more potentially affected by CVE-2025-64459 via django (>=1.10.0 <=4.2.25)

django PYPI version =1.10.0, =0.1.1, =1.0.0, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =1.4.0, =1.4.2 - adede =4.1.0 and more Source cves: CVE-2025-64459 Source advisory: OSV:GHSA-FRMV-PR5F-9MCR...

9.1 CVSS, 7.4 AI score, 0.18752 EPSS
Exploits: 10

vulnersOsv
added 2025/11/05 3:31 p.m., 0 views

aa-altcorp (>=0.1.2b0 <=1.1.1), aa-alumni (>=0.0.1a1 <=1.0.1) +1439 more potentially affected by CVE-2025-64459 via django (>=5.2.0 <=5.2.7)

django PYPI version =5.2.0, =0.1.2b0, =0.0.1a1, =0.1.1, =3.1.0b1, =1.0.3, =0.0.1a2, =0.1.0, =0.2.0, =1.0.0, =1.1.0b3, =0.1.0b1, =0.1.0, =1.1.0 and more Source cves: CVE-2025-64459 Source advisory: OSV:GHSA-FRMV-PR5F-9MCR...

9.1 CVSS, 7.4 AI score, 0.18752 EPSS
Exploits: 10

vulnersOsv
added 2025/11/05 3:15 p.m., 4 views

aa-altcorp (>=0.1.2b0 <=1.1.1), aa-alumni (>=0.0.1a1 <=1.0.1) +1439 more potentially affected by CVE-2025-64459 via django (>=5.2.0 <=5.2.7)

django PYPI version =5.2.0, =0.1.2b0, =0.0.1a1, =0.1.1, =3.1.0b1, =1.0.3, =0.0.1a2, =0.1.0, =0.2.0, =1.0.0, =1.1.0b3, =0.1.0b1, =0.1.0, =1.1.0 and more Source cves: CVE-2025-64459 Source advisory: OSV:PYSEC-2025-108...

9.1 CVSS, 7.4 AI score, 0.18752 EPSS
Exploits: 10