mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-08-03 02:23:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fixed CVE-2024-42005 -- Mitigated QuerySet.values() SQL injection attacks against JSON fields.

Browse source 
Thanks Eyal (eyalgabay) for the report.
This commit is contained in:
Simon Charette 2024-07-25 12:19:13 -04:00 committed by Sarah Boyce
parent 5f1757142f
commit c87bfaacf8
5 changed files with 38 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

7
docs/releases/4.2.15.txt
View file

@ -30,6 +30,13 @@ CVE-2024-41991: Potential denial-of-service vulnerability in ``django.utils.html
subject to a potential denial-of-service attack via certain inputs with a very
large number of Unicode characters.
CVE-2024-42005: Potential SQL injection in ``QuerySet.values()`` and ``values_list()``
======================================================================================
:meth:`.QuerySet.values` and :meth:`~.QuerySet.values_list` methods on models
with a ``JSONField`` were subject to SQL injection in column aliases, via a
crafted JSON object key as a passed ``*arg``.
Bugfixes
========

7
docs/releases/5.0.8.txt
View file

@ -30,6 +30,13 @@ CVE-2024-41991: Potential denial-of-service vulnerability in ``django.utils.html
subject to a potential denial-of-service attack via certain inputs with a very
large number of Unicode characters.
CVE-2024-42005: Potential SQL injection in ``QuerySet.values()`` and ``values_list()``
======================================================================================
:meth:`.QuerySet.values` and :meth:`~.QuerySet.values_list` methods on models
with a ``JSONField`` were subject to SQL injection in column aliases, via a
crafted JSON object key as a passed ``*arg``.
Bugfixes
========