CVSSv3: 9.8

CVE-2022-28346

Published: 12/04/2022 Updated: 07/11/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 670
Vector (CVSS v2): AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

An issue exists in Django 2.2 prior to 2.2.28, 3.2 prior to 3.2.13, and 4.0 prior to 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.

Vulnerability Trend

Vulnerable Products

djangoproject django

debian debian linux 9.0

debian debian linux 11.0

Vendor Advisories

Debian Bug report logs - #1009677 python-django: CVE-2022-28346 Package: python-django; Maintainer for python-django is Debian Python Team <team+python@tracker.debian.org>; Source for python-django is src:python-django (PTS, buildd, popcon) Reported by: "Chris Lamb" <lamby@debian.org> Date: Thu, 14 Apr 2022 08:48:02 ...
Multiple security issues were found in Django, a Python web development framework, which could result in denial of service, SQL injection or cross-site scripting. For the stable distribution (bullseye), these problems have been fixed in version 2:2.2.28-1~deb11u1. We recommend that you upgrade your python-django packages. For the detailed security ...
Several security issues were fixed in Django ...
Synopsis Moderate: Satellite 6.11 Release Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update is now available for Red Hat Satellite 6.11 Description Red Hat Satellite is a systems management tool for Linux-based in ...
Synopsis Important: RHUI 4.1.1 release - Security Fixes and Enhancement Update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An updated version of Red Hat Update Infrastructure (RHUI) is now available. RHUI 4.1.1 introd ...
Synopsis Moderate: Red Hat OpenStack Platform 16.2 (python-django20) security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for python-django20 is now available for Red Hat OpenStack Platform 16.2.3 (Trai ...
Synopsis Important: Red Hat Ansible Automation Platform 1.2 security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update is now available for Red Hat Ansible Automation Platform 1.2. Red Hat Product Security ha ...
Synopsis Important: Red Hat Ansible Automation Platform 2.1.2 security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update is now available for Red Hat Ansible Automation Platform 2.1. Red Hat Produ ...
Synopsis Important: Red Hat OpenStack Platform 16.1.9 (python-django20) security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for python-django20 is now available for Red Hat OpenStack Platform 16.1.9 ( ...
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs ...
QuerySet.annotate(), aggregate(), and extra() methods were subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to these methods ...

Github Repositories

Django SQL Injection Vulnerability Environment.

Django SQL Inject Env Django SQL Injection Vulnerability Environment CVE-2020-7471 CVE-2021-35042 CVE-2022-28346

Django QuerySet.annotate(), aggregate(), extra() SQL injection

CVE-2022-28346 Django QuerySet.annotate(), aggregate(), extra() SQL injection. Environment initialization: 1. python manage.py makemigrations 2. python manage.py migrate 3. Visit xxxx:8000/ to insert the initial data. Vulnerability reproduction: visit xxxx:8000/demo. POC: xxxx:8000/demo?field=demoname" FROM "demo_user" union SELECT ...

SQL injection in QuerySet.annotate(), aggregate(), and extra()

CVE-2022-28346 SQL injection in QuerySet.annotate(), aggregate(), and extra() Setup: Run /setup.sh for initial setup. Open the docker image to initiate the database: docker exec -it {container_id} /bin/bash And run the following commands: python manage.py makemigrations cve202228346 python manage.py migrate Start the instances using: dock ...

How to set up the environment: setup db docker run -d -p 50000:5432 -e POSTGRES_PASSWORD=qwe123QWE -e POSTGRES_DB=db postgres:14.1 execute migration python manage.py makemigrations cve python manage.py migrate setup service python manage.py runserver Issue 1: Repro ...

python-web-security $ chmod +x db/init-db.sh $ docker-compose build $ docker-compose up -d # cve 2022 28346 localhost:8000 localhost:8000/demo?field=demoname" FROM "demo_user" union SELECT "1",sqlite_version(),"3" -- localhost:8000/demo?field=demoname" FROM "demo_user" ...

A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely.

CVE-2022-28346 A flaw was found in the Django package, which leads to a SQL injection This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely Table of Contents CVE-2022-28346 Description Environment Proof of Concept and Exploitation References You will find above in the code repository the detailed a