CVE-2022-28346 — SQL Injection in Django

CWE-89 — SQL Injection11 documents7 sources

Severity

9.8CRITICALNVD

OSV6.1

EPSS

2.0%

top 16.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Djangoproject Django Debian Linux

Timeline

PublishedApr 12

Latest updateApr 13

Description

An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶NVDdjangoproject/django2.2 — 2.2.28+2

▶PyPIdjangoproject/django2.2 — 2.2.28+2

Also affects: Debian Linux 11.0, 9.0

Patches

Patch: www.openwall.com ↗Patch: docs.djangoproject.com ↗Patch: www.djangoproject.com ↗

🔴Vulnerability Details

GHSA

SQL Injection in Django↗2022-04-13

▶

OSV

SQL Injection in Django↗2022-04-13

▶

CVEList

CVE-2022-28346: An issue was discovered in Django 2↗2022-04-12

▶

OSV

CVE-2022-28346: An issue was discovered in Django 2↗2022-04-12

▶

OSV

python-django vulnerabilities↗2022-04-11

▶

📋Vendor Advisories

Ubuntu

Django vulnerabilities↗2022-04-11

▶

Red Hat

Django: SQL injection in QuerySet.annotate(),aggregate() and extra()↗2022-04-11

▶

Ubuntu

Django vulnerabilities↗2022-04-11

▶

Debian

CVE-2022-28346: python-django - An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 ...↗2022

▶