FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Django -- multiple vulnerabilities

Affected packages
py310-django32 < 3.2.14
py37-django32 < 3.2.14
py38-django32 < 3.2.14
py39-django32 < 3.2.14
py310-django40 < 4.0.6
py38-django40 < 4.0.6
py39-django40 < 4.0.6

Details

VuXML ID: 5be19b0d-fb85-11ec-95cd-080027b24e86
Discovery: 2022-06-21
Entry: 2022-07-04

SO-AND-SO reports:

CVE-2022-34265: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments.

References

CVE Name: CVE-2022-34265
URL: https://www.djangoproject.com/weblog/2022/jul/04/security-releases/