Description

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

Remediation

References

CVE-2022-34265

Related Vulnerabilities

MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-29004)

WordPress Plugin Super Refer A Friend Information Disclosure (1.0)

WordPress Plugin WP Google Fonts Cross-Site Scripting (3.1.3)

MySQL CVE-2022-21600 Vulnerability (CVE-2022-21600)

SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4833)

Severity

Critical

Classification

CVE-2022-34265 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities