Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

SQL Injection

🗓️ 05 Jul 2022 04:15:37Reported by Veracode Vulnerability DatabaseType 
veracode
 veracode🔗 sca.analysiscenter.veracode.com👁 37 Views

django vulnerability to SQL injection via `Trunc()` and `Extract()` function

Related
Detection
Refs
ReporterTitlePublishedViews
Family
ALT Linux		Security fix for the ALT Linux 10 package python3-module-django version 3.2.15-alt1
30 Aug 202200:00
altlinux
FreeBSD		Django -- multiple vulnerabilities
21 Jun 202200:00
freebsd
GithubExploit		Exploit for SQL Injection in Djangoproject Django
24 Aug 202207:29
githubexploit
GithubExploit		Exploit for SQL Injection in Djangoproject Django
7 Jul 202207:45
githubexploit
GithubExploit		Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
3 Apr 202018:47
githubexploit
AlpineLinux		CVE-2022-34265
4 Jul 202200:00
alpinelinux
AstraLinux		 Astra Linux - уязвимость в python-django
20 May 202605:53
astralinux
Circl		CVE-2022-34265
4 Jul 202211:18
circl
CNNVD		Django SQL注入漏洞
4 Jul 202200:00
cnnvd
CNVD		Django SQL Injection Vulnerability (CNVD-2022-49971)
7 Jul 202200:00
cnvd
Rows per page
Vulners
Node
googlebionicMatch1:1.11.11-1ubuntu1.9debian
AND
googlebionicMatch1:1.11.11-1ubuntu1debian
AND
googlebionicMatch1:1.11.11-1ubuntu1.14debian
AND
debiandebian_linux
OR
py3-djangopy3-djangoMatch3.2.13-r0python
AND
alpinelinuxalpine_linuxMatch3.16
OR
py3-djangopy3-djangoMatch1.11.29-r0python
AND
py3-djangopy3-djangoMatch1.11.28-r0python
AND
py3-djangopy3-djangoMatch3.1.13-r1python
AND
py3-djangopy3-djangoMatch3.1.13-r0python
AND
py3-djangopy3-djangoMatch3.2.13-r0python
AND
py3-djangopy3-djangoMatch3.1.8-r0python
AND
py3-djangopy3-djangoMatch3.1.7-r0python
AND
py3-djangopy3-djangoMatch3.2.12-r0python
AND
py3-djangopy3-djangoMatch3.1.7-r1python
AND
alpinelinuxalpine_linuxMatchedge
OR
python-djangopython-djangoMatch1:1.11.29-1~deb10u1debian
AND
debiandebian_linuxMatch10
OR
django_projectdjangoRange1.8a13.2.13python
OR
django_projectdjangoRange4.0a14.0.5python
OR
python-djangopython-djangoMatch2.2.24_1.el8ui
OR
python-djangopython-djangoMatch2.2.19_1.el8
OR
python-djangopython-djangoMatch3.2.9_3.el8ui
OR
python-djangopython-djangoMatch2.2.9_1.epel8.playground
OR
python-djangopython-djangoMatch2.0.10_1.el8ost
OR
python-djangopython-djangoMatch2.2.17_1.el8pc
OR
python-djangopython-djangoMatch2.2.24_1.el8
OR
python-djangopython-djangoMatch2.2.3_1.el8
OR
python-djangopython-djangoMatch2.2.13_1.el8
OR
python-djangopython-djangoMatch2.2.13_1.epel8.playground
OR
python-djangopython-djangoMatch2.1.7_1.el8d
OR
python-djangopython-djangoMatch2.2.9_1.el8
OR
python-djangopython-djangoMatch2.1.11_1.el8ost
OR
python-djangopython-djangoMatch3.2.13_4.el8pc
OR
python-djangopython-djangoMatch2.2.3_1.epel8.playground
OR
python-djangopython-djangoMatch3.2.13_2.el8ui
OR
python-djangopython-djangoMatch3.2.7_4.el8pc
OR
python-djangopython-djangoMatch3.2.13_1.el8pc
OR
python-djangopython-djangoMatch2.2.17_1.el8
OR
python-djangopython-djangoMatch3.2.14_1.el8pc
SourceLink
docswww.docs.djangoproject.com/en/4.0/releases/security/
groupswww.groups.google.com/g/django-announce
djangoprojectwww.djangoproject.com/weblog/2022/jul/04/security-releases/
githubwww.github.com/django/django/commit/a9010fe5555e6086a9d9ae50069579400ef0685e
githubwww.github.com/django/django/commit/0dc9c016fadb71a067e5a42be30164e3f96c0492
githubwww.github.com/django/django/commit/284b188a4194e8fa5d72a73b09a869d7dd9f0dc5
debianwww.debian.org/security/2022/dsa-5254
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/
listswww.lists.fedoraproject.org/archives/list/[email protected]/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/
listswww.lists.fedoraproject.org/archives/list/[email protected]/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
07 Nov 2023 22:19Current
10High risk
Vulners AI Score10
CVSS 27.5
CVSS 3.19.8
EPSS0.92834
sql injectiondjangovulnerabilitytrunc()extract()arbitrary queries
37