CVE-2022-28346
moderate-risk
Published 2022-04-12
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
Do I need to act?
~
2.0% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
+
Fix available
Upgrade to: 5c3300027b30c1b498d99010f7d618316f685045, 08e6073f878264a0c091da0d3db456820252ef6c, 89807fbde8b7b17d00434bc4695535855e96fe77
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (3)
Affected Vendors
References (18)
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220609-0002/
Third Party Advisory
https://www.debian.org/security/2022/dsa-5254
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220609-0002/
Third Party Advisory
https://www.debian.org/security/2022/dsa-5254
46
/ 100
moderate-risk
Severity
32/34 · Critical
Exploitability
5/34 · Minimal
Exposure
9/34 · Low