
32 matches found

PyPA
added 2022/07/04 4:15 p.m., 7 views

PYSEC-2022-213

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

CVSS 9.8, AI score 8, EPSS 0.92834
Exploits 3, References 4, Affected Software 1
Prion
added 2022/07/04 4:15 p.m., 27 views

SQL injection

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

CVSS 7.5, AI score 9.5, EPSS 0.92834
Exploits 3, References 7, Affected Software 1
OSV
added 2022/07/04 4:15 p.m., 0 views

PYSEC-2022-213

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

CVSS 9.8, AI score 6.8, EPSS 0.92834
Exploits 3, References 4
RedhatCVE
added 2022/07/04 2:36 p.m., 52 views

CVE-2022-34265

A flaw was found in Django. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value...

CVSS 9.8, AI score 1.6, EPSS 0.92834
Exploits 3, References 3
UbuntuCve
added 2022/07/04 8:00 a.m., 44 views

CVE-2022-34265

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

CVSS 9.8, AI score 6.8, EPSS 0.92834
Exploits 3, References 2
OSV
added 2022/07/04 8:00 a.m., 0 views

UBUNTU-CVE-2022-34265

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

CVSS 9.8, AI score 6.8, EPSS 0.92834
Exploits 3, References 3
AlpineLinux
added 2022/07/04 12:00 a.m., 66 views

CVE-2022-34265

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

CVSS 9.8, AI score 9.8, EPSS 0.92834
Exploits 3
Tenable Nessus
added 2022/07/04 12:00 a.m., 42 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Django vulnerability (USN-5501-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5501-1 advisory. It was discovered that Django incorrectly handled certain SQL. An attacker could possibly use this issue to expose sensitive information...

CVSS 9.8, AI score 7, EPSS 0.92834
Exploits 3, References 2
CNNVD
added 2022/07/04 12:00 a.m., 7 views

Django SQL injection vulnerability

Django is the Django Foundation's open source web application framework based on the Python language. The framework includes an object-oriented mapper, view system, template system, etc. Django has a SQL injection vulnerability that can be exploited by attackers to send specially crafted SQL...

CVSS 9.8, AI score 8.5, EPSS 0.92834
Exploits 3, References 19
FreeBSD
added 2022/06/21 12:00 a.m., 35 views

Django -- multiple vulnerabilities

The Django Project reports: CVE-2022-34265: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments...

CVSS 9.8, AI score 7, EPSS 0.92834
Exploits 3, References 1
Positive Technologies
added 2022/04/07 12:00 a.m., 4 views

PT-2022-3421 · Django +5

Name of the Vulnerable Software and Affected Versions: Django versions 3.2.0 through 3.2.13; Django versions 4.0.0 through 4.0.5. Description: The issue is related to SQL injection in the Trunc and Extract database functions when untrusted data is used as a kind/lookup name value. This can allow an...

CVSS 9.8, AI score 6.8, EPSS 0.9435
Exploits 34, References 452
ossfuzz
added 2020/03/12 6:49 p.m., 12 views

llvm:clang-fuzzer: Segv on unknown address in llvm::APInt::trunc

Detailed Report: https://oss-fuzz.com/testcase?key=5653608042594304 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: clang-fuzzer Job Type: libfuzzermsanllvm Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State: llvm::APInt::trunc AnalyzeBitFieldAssignment...

AI score 6.9
Exploits 0, Affected Software 1