
Mageia 8: 2022-0281 High: Django SQL Injection and File Response Issue

Distribution: Mageia
August 13, 2022
This python-django update fixes two issues: an SQL injection in the Trunc() and Extract() database functions, and a reflected file download weakness in how FileResponse sets the Content-Disposition header.

Summary

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected. (CVE-2022-34265) An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input. (CVE-2022-36359)
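The "known safe list" mitigation the summary describes, as an added example that is not part of the advisory or of Django's own code: the helpers below keep request-supplied values out of Trunc()/Extract() unless they match a documented kind or lookup name, and reduce a user-derived download name to a conservative ASCII basename before it is handed to FileResponse. The allowlist contents and the sanitiser's character set are this example's assumptions, and it is defence in depth beside the patched package, not a substitute for it.

```python
# Added example (not from the Mageia advisory or from Django). Pure Python,
# no Django import: the returned values are what you would then pass to
# django.db.models.functions.Trunc/Extract and FileResponse(filename=...).
import re
import unicodedata

# Allowlists: the Trunc kinds and Extract lookup names Django documents.
# Anything outside these sets is rejected rather than interpolated into SQL.
TRUNC_KINDS = frozenset(
    {"year", "quarter", "month", "week", "day", "hour", "minute", "second"}
)
EXTRACT_LOOKUPS = frozenset(
    {"year", "iso_year", "quarter", "month", "day", "week",
     "week_day", "iso_week_day", "hour", "minute", "second"}
)


def validate_trunc_kind(kind: str) -> str:
    """Return kind only if it is a documented Trunc kind (CVE-2022-34265)."""
    if kind not in TRUNC_KINDS:
        raise ValueError(f"unsupported Trunc kind: {kind!r}")
    return kind


def validate_extract_lookup(lookup_name: str) -> str:
    """Return lookup_name only if it is a documented Extract lookup name."""
    if lookup_name not in EXTRACT_LOOKUPS:
        raise ValueError(f"unsupported Extract lookup_name: {lookup_name!r}")
    return lookup_name


# Characters permitted in a download filename (assumed policy for this example).
_UNSAFE = re.compile(r"[^A-Za-z0-9._-]+")


def safe_download_filename(user_supplied: str, default: str = "download") -> str:
    """Reduce a user-derived name to a plain ASCII basename (CVE-2022-36359).

    Drops directory components, collapses every run of characters outside
    [A-Za-z0-9._-] to a single underscore, and falls back to `default` when
    nothing usable remains, so the header value cannot carry quotes or
    separators chosen by the requester.
    """
    name = unicodedata.normalize("NFKD", user_supplied)
    name = name.encode("ascii", "ignore").decode()
    name = name.replace("\\", "/").rsplit("/", 1)[-1]  # basename only
    name = _UNSAFE.sub("_", name).strip("._")
    return name or default
```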

References

- https://bugs.mageia.org/show_bug.cgi?id=30603

- https://nvd.nist.gov/vuln/detail/CVE-2022-34265

- https://nvd.nist.gov/vuln/detail/CVE-2022-36359

- https://www.djangoproject.com/weblog/2022/aug/03/security-releases/

- https://www.cve.org/CVERecord?id=CVE-2022-34265

- https://www.cve.org/CVERecord?id=CVE-2022-36359

Resolution

SRPMS

- 8/core/python-django-3.2.15-1.mga8

Severity: important

Publication date: 13 Aug 2022
URL: https://advisories.mageia.org/MGASA-2022-0281.html
Type: security
CVE: CVE-2022-34265, CVE-2022-36359
