2 matches found
CVE-2025-13372
creationtimestamp| type| source ---|---|--- 2025-12-02 14:49:11+00:00| seen| https://seclists.org/oss-sec/2025/q4/226 2025-12-02 16:31:29+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m6zekey5zw22 2025-12-02 23:17:00+00:00| seen|...
CVE-2025-13372
An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed to QuerySet.annotate or QuerySet.alias on PostgreSQL. Earlier...