Lucene search
K

25 matches found

RedHat Linux
RedHat Linux
added 2022/07/05 2:41 p.m.7 views

Django: SQL injection in QuerySet.annotate(),aggregate() and extra()

A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely...

9.8CVSS7.1AI score0.18516EPSS
Exploits3References5
PyPA
PyPA
added 2022/04/12 5:15 a.m.10 views

PYSEC-2022-190

An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate, aggregate, and extra methods are subject to SQL injection in column aliases via a crafted dictionary with dictionary expansion as the passed kwargs...

9.8CVSS8AI score0.18516EPSS
Exploits3References6Affected Software1
OSV
OSV
added 2019/08/09 1:15 p.m.7 views

ALPINE-CVE-2019-14234

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to...

9.8CVSS7.7AI score0.47694EPSS
Exploits0References1
OSV
OSV
added 2019/08/01 10:0 a.m.6 views

UBUNTU-CVE-2019-14234

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to...

9.8CVSS6.9AI score0.47694EPSS
Exploits0References3
CNVD
CNVD
added 2018/02/26 12:0 a.m.5 views

mcholste Enterprise Log Search and Archive Cross-Site Scripting Vulnerability

mcholste Enterprise Log Search and Archive ELSA is an enterprise log search and archive system. A cross-site scripting vulnerability exists in the index view in mcholste ELSA version 1205, commit 2cc17f1 and earlier. A remote attacker can leverage the 'type', 'name', and 'value' parameters in...

6.1CVSS6.2AI score0.00645EPSS
Exploits0References1
Rows per page
Query Builder