CVE-2022-34265

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookupname value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

PYSEC-2022-213

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookupname value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

Sql injection

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookupname value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

PYSEC-2022-213

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookupname value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

CVE-2022-34265

A flaw was found in Django. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookupname value...

CVE-2022-34265

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookupname value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

UBUNTU-CVE-2022-34265

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookupname value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

CVE-2022-34265

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookupname value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

Django SQL注入漏洞

Django is the Django Foundation's set of open source web application framework based on the Python language . The framework includes object-oriented mapper, view system, template system, etc. Django has a SQL injection vulnerability that can be exploited by attackers to send specially crafted SQL...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Django vulnerability (USN-5501-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5501-1 advisory. It was discovered that Django incorrectly handled certain SQL. An attacker could possibly use this issue to expose sensitive information...

Flaws in Smart Jacuzzi App Could Be Exploited To Extract Users’ Data

By Deeba Ahmed The vulnerability existed in Jacuzzi Brand LLC’s SmartTub app web interface that could reveal users private data to… This is a post from HackRead.com Read the original post: Flaws in Smart Jacuzzi App Could Be Exploited To Extract Users Data...

Django -- multiple vulnerabilities

The Django Project reports: CVE-2022-34265: Potential SQL injection via Trunckind and Extractlookupname arguments...

Metasploit Weekly Wrap-Up

vCenter Secret Extracter Expanding on the work of the vcenterforgesamltoken auxiliary module, community contributor npm-cesium137-io has added a new module for extracting the vmdir/vmafd certificates, the IdP keypair, the VMCA root cert, and anything from vmafd that has a private key associated,...

Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...

GHSA-CM4R-58PJ-H2PH Moodle allows attackers to extract archives to arbitrary directories

mdeploy.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to bypass intended access restrictions and extract archives to arbitrary directories via a crafted dataroot value...

CVE-2022-30333

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract aka unpack operation, as demonstrated by creating a /.ssh/authorizedkeys file. NOTE: WinRAR and Android RAR are unaffected...

Directory traversal

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract aka unpack operation, as demonstrated by creating a /.ssh/authorizedkeys file. NOTE: WinRAR and Android RAR are unaffected...

CVE-2022-30333

CVE-2022-30333 affects RARLAB UnRAR on Linux/UNIX before 6.12, where a directory traversal during an extract can write arbitrary files (demonstrated by creating ~/.ssh/authorized_keys). The issue is confirmed across multiple sources (Astra Linux note mirrors the UnRAR pre-6.12 flaw; Debian LTS ad...

DEBIAN-CVE-2021-44499

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that...

Buffer overflow

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call...