CVE-2022-34265
Django `Trunc()` and `Extract()` database functions vulnerable to SQL Injection
9.8
CRITICAL
CVSS 3.1
EPSS 92.8%
Description
An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.
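The injection and the allowlist control the description refers to, as an added example that is not part of this advisory and not Django's own code. To run offline it emulates PostgreSQL's date_trunc() as a SQLite user-defined function; the string-interpolated SQL is a simplified model of how the unfixed Trunc()/Extract() built their query text, not the actual Django backend code, and the table names, rows, secret value and payload are all constructed for the demonstration.

```python
import sqlite3
from datetime import datetime

# The "known safe list" the description mentions: the only truncation kinds
# (and, for Extract(), lookup names) this application will forward to the ORM.
ALLOWED_KINDS = frozenset({"year", "month", "day"})


def _date_trunc(kind, value):
    """Minimal stand-in for PostgreSQL date_trunc(), registered as a SQLite UDF."""
    dt = datetime.fromisoformat(value)
    if kind == "year":
        dt = dt.replace(month=1, day=1, hour=0, minute=0, second=0)
    elif kind == "month":
        dt = dt.replace(day=1, hour=0, minute=0, second=0)
    elif kind == "day":
        dt = dt.replace(hour=0, minute=0, second=0)
    else:
        raise ValueError(f"unsupported kind {kind!r}")
    return dt.isoformat(sep=" ")


def make_db():
    """In-memory database with constructed sample data and a 'secret' to leak."""
    conn = sqlite3.connect(":memory:")
    conn.create_function("date_trunc", 2, _date_trunc)
    conn.executescript(
        """
        CREATE TABLE events (ts TEXT);
        INSERT INTO events VALUES ('2022-07-04 13:45:00'), ('2022-07-09 08:00:00');
        CREATE TABLE app_secret (value TEXT);
        INSERT INTO app_secret VALUES ('sk-constructed-secret');
        """
    )
    return conn


def trunc_vulnerable(conn, kind):
    # Vulnerable pattern: the caller-supplied kind is pasted straight into the
    # SQL text, which is the shape of the pre-3.2.14 / pre-4.0.6 behaviour.
    sql = "SELECT date_trunc('%s', ts) FROM events" % kind
    return [row[0] for row in conn.execute(sql)]


def trunc_hardened(conn, kind):
    # Hardened pattern: reject anything outside the allowlist before it can
    # reach query construction. Applications that did this were unaffected.
    if kind not in ALLOWED_KINDS:
        raise ValueError(f"unsupported trunc kind {kind!r}")
    sql = "SELECT date_trunc('%s', ts) FROM events" % kind
    return [row[0] for row in conn.execute(sql)]


# Constructed payload: closes the quoted kind and the function call, then
# appends a UNION that reads a different table. The trailing comment marker
# swallows the remainder of the original statement.
PAYLOAD = "year', ts) FROM events UNION SELECT value FROM app_secret --"


def demo():
    conn = make_db()
    out = {
        "legit": trunc_hardened(conn, "month"),
        "leaked": trunc_vulnerable(conn, PAYLOAD),
    }
    try:
        trunc_hardened(conn, PAYLOAD)
        out["hardened_rejected"] = False
    except ValueError:
        out["hardened_rejected"] = True
    return out


if __name__ == "__main__":
    print(demo())
```

In a Django view the equivalent check sits in front of the ORM call: validate `request.GET["kind"]` against the same frozenset before passing it as `Trunc("ts", kind=...)`, and do the same for the `lookup_name` given to `Extract()`. The allowlist is a defence for applications that cannot upgrade immediately; upgrading to a fixed release is still the remediation.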
How to fix CVE-2022-34265
To remediate CVE-2022-34265, upgrade the affected package to a fixed version below.
- —upgrade to 3.2.14 or later on the 3.2 series, or 4.0.6 or later on the 4.0 series
- —upgrade to 2:2.2.28-1~deb11u1 or later
- —upgrade to 3.2.14 or later
- —upgrade to 3.2.14 or later on the 3.2 series, or 4.0.6 or later on the 4.0 series
Is CVE-2022-34265 being exploited?
Likely. EPSS estimates a 92.8% probability of exploitation activity in the wild within the next 30 days, placing CVE-2022-34265 in the top tier of vulnerabilities by exploitation probability. Prioritise patching, and audit any code that passes request-controlled values as the kind of Trunc() or the lookup_name of Extract().
Affected packages (4)
- >= 3.2.0, < 3.2.14, >= 4.0.0, < 4.0.6
- from 0, < 2:2.2.28-1~deb11u1
- >= 3.2a1, < 3.2.14
- >= 3.2, < 3.2.14, >= 4.0, < 4.0.6
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
| osv | CVSS 3.1 | CRITICAL 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |