FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Django -- multiple vulnerabilities

Affected packages
		py310-django32	<	3.2.14
		py37-django32	<	3.2.14
		py38-django32	<	3.2.14
		py39-django32	<	3.2.14
		py310-django40	<	4.0.6
		py38-django40	<	4.0.6
		py39-django40	<	4.0.6

Details

VuXML ID	5be19b0d-fb85-11ec-95cd-080027b24e86
Discovery	2022-06-21
Entry	2022-07-04

SO-AND-SO reports:

CVE-2022-34265: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments.

[source]

References

CVE Name	CVE-2022-34265
URL	https://www.djangoproject.com/weblog/2022/jul/04/security-releases/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.