Published: 04/07/2022 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 670

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

An issue exists in Django 3.2 prior to 3.2.14 and 4.0 prior to 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

Vulnerable Product	Search on Vulmon	Subscribe to Product
djangoproject django

Synopsis Important: Django 3214 Security Update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic A security fix for a CVE in the Django library is now available Description Red Hat Update Infrastructure (RHUI) offers ...

Synopsis Important: Satellite 612 Release Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update is now available for Red Hat Satellite 612 The release contains a new version of Satellite and important security fixe ...

Debian Bug report logs - #1014541 python-django: CVE-2022-34265 Package: python-django; Maintainer for python-django is Debian Python Team <team+python@trackerdebianorg>; Source for python-django is src:python-django (PTS, buildd, popcon) Reported by: "Chris Lamb" <lamby@debianorg> Date: Thu, 7 Jul 2022 16:18:02 ...

Multiple security issues were found in Django, a Python web development framework, which could result in denial of service, SQL injection or cross-site scripting For the stable distribution (bullseye), these problems have been fixed in version 2:2228-1~deb11u1 We recommend that you upgrade your python-django packages For the detailed security ...

Severity Unknown Remote Unknown Type Unknown Description AVG-2788 python-django 405-1 406-1 Unknown Fixed ...

PoC for CVE-2022-34265 (Django)

CVE-2022-34265 Usage start docker-compose build docker-compose up -d stop docker-compose down PoC verification of Django vulnerability (CVE-2022-34265) A vulnerability (CVE-2022-34265) in Django was disclosed on July 5, 2022 (US time) This article describes our discussion of this vulnerability and th

PoC for CVE-2022-34265

CVE-2022-34265 PoC for CVE-2022-34265 Description An issue was discovered in Django 32 before 3214 and 40 before 406 The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value Applications that constrain the lookup name and kind choice to a known safe list are unaff

How to setup environment setup db docker run -d -p 50000:5432 -e POSTGRES_PASSWORD=qwe123QWE -e POSTGRES_DB=db postgres:141 execute migration python managepy makemigrations cve python managepy migrate setup service python managepy runserver Issue 1: Repro

TAKUTO YOSHIKAI Web Developer, Security Researcher, Bug Hunter Personal Works HONJA (Repository) | COWAKÉ Reported CVE CVE-2022-34265 (Django SQL Injection) | CVE-2023-22432 (web2py Open Redirect)

CTF_CVE-2022-34265 Description An issue was discovered in Django 32 before 3214 and 40 before 406 The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value Applications that constrain the lookup name and kind choice to a known safe list are unaffected How to use Start git clone githubcom/coc

Analysis and replication of CVE-2022-23988 and CVE-2022-34265

WebSecurityProject Analysis and replication of CVE-2022-23988 and CVE-2022-34265

Workshop Objectives 악성코드탐지 플랫폼 SonaType Nexus Firewall (IQ Server) 을 이용하여, SDLC 내에 위협요소가 유입되는 것을 방지할 수 있도록 Nexus Repository와 Nexus Firewall을 통한 실습을 수행합니다 가장 많이 사용하는 NPM, MAVEN, PYPI를 통해서 위협요소를 평가 실습하며, 주어진 미션을 완성함을 목적

CVE-2022-34265 Vulnerability

CVE-2022-34265 Vulnerability Summary This vulnerability is due to improper string processing when executing SQL for the arguments of the functions Trunc and Extract used for date data in Django By specifying the request parameters as is in the kind argument of Trunc or the lookup_name argument of Extract, there is a risk that arbitrary SQL minutes can be executed By exploitin

CWE-89 https://www.djangoproject.com/weblog/2022/jul/04/security-releases/https://docs.djangoproject.com/en/4.0/releases/security/https://security.netapp.com/advisory/ntap-20220818-0006/https://www.debian.org/security/2022/dsa-5254 https://groups.google.com/forum/#%21forum/django-announce https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/https://access.redhat.com/errata/RHSA-2022:5738 https://nvd.nist.gov https://github.com/aeyesec/CVE-2022-34265 https://www.debian.org/security/2022/dsa-5254

CVE-2022-34265

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect