Bugzilla – Bug 1198399
VUL-0: CVE-2022-28347: python-Django1,python-Django: Potential SQL injection via QuerySet.explain(options) on PostgreSQL
Last modified: 2023-01-03 14:23:28 UTC
rh#2072459

``QuerySet.explain()`` method was subject to SQL injection in option names, using a suitably crafted dictionary, with dictionary expansion, as the ``**options`` argument. This issue has High severity, according to the Django security policy [1].

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2072459
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28347
http://www.openwall.com/lists/oss-security/2022/04/11/1
https://seclists.org/oss-sec/2022/q2/28
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28347
https://www.djangoproject.com/weblog/2022/apr/11/security-releases/
https://docs.djangoproject.com/en/4.0/releases/security/
https://groups.google.com/forum/#!forum/django-announce
Not affected:
- SUSE:SLE-12-SP3:Update:Products:Cloud8:Update/python-Django 1.11.29
- SUSE:SLE-12-SP4:Update:Products:Cloud9:Update/python-Django1 1.11.29

Affected:
- openSUSE:Factory/python-Django 4.0.3
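Added example (not Django's code and not part of this bug report): a stand-alone Python model of the EXPLAIN prefix construction the description above refers to. It shows why a dictionary expanded into ``**options`` is the vector (a key containing spaces and punctuation cannot be typed as a keyword argument, only passed via ``**{...}``), how the unpatched pattern pastes the option name straight into SQL text, and one way to close it with an allowlist of option names. The allowlist ``EXPLAIN_OPTIONS``, the function names and the hostile key are assumptions constructed for this example.

```python
import re

# Added example: a stand-alone model of the EXPLAIN prefix construction that
# CVE-2022-28347 concerns. It is not Django's code; it reproduces the shape of
# the bug (option *names* interpolated into SQL text) and one way to close it.

# Assumed allowlist of EXPLAIN option names accepted by PostgreSQL.
EXPLAIN_OPTIONS = frozenset(
    ["ANALYZE", "BUFFERS", "COSTS", "SETTINGS", "SUMMARY", "TIMING", "VERBOSE", "WAL"]
)


def explain_prefix_vulnerable(format=None, **options):
    """Unpatched pattern: the option value is normalised to true/false, but the
    option name is trusted verbatim and pasted into the SQL prefix."""
    extra = {}
    if format:
        extra["FORMAT"] = format
    for name, value in options.items():
        extra[name.upper()] = "true" if value else "false"
    prefix = "EXPLAIN"
    if extra:
        prefix += " (%s)" % ", ".join("%s %s" % item for item in extra.items())
    return prefix


def explain_prefix_fixed(format=None, **options):
    """Hardened pattern: every option name must be on the allowlist, and the
    format must be a bare word, before anything reaches SQL text."""
    extra = {}
    unknown = [name for name in options if name.upper() not in EXPLAIN_OPTIONS]
    if unknown:
        raise ValueError("Unknown options: %s" % ", ".join(sorted(unknown)))
    if format:
        if not re.fullmatch(r"[A-Za-z]+", format):
            raise ValueError("Invalid EXPLAIN format: %r" % format)
        extra["FORMAT"] = format.upper()
    for name, value in options.items():
        extra[name.upper()] = "true" if value else "false"
    prefix = "EXPLAIN"
    if extra:
        prefix += " (%s)" % ", ".join("%s %s" % item for item in extra.items())
    return prefix


def explain_sql(prefix_builder, query_sql, format=None, **options):
    """Glue the prefix in front of the query, as QuerySet.explain() does."""
    return "%s %s" % (prefix_builder(format, **options), query_sql)


def demo():
    """Run both builders on a benign call and on a constructed hostile
    option name, and report what would reach the database."""
    query = 'SELECT "id" FROM "app_model"'
    # Constructed payload: a key like this cannot be typed as a keyword
    # argument, only passed via **{...} expansion.
    hostile = {"VERBOSE) SELECT 1; --": True}
    result = {
        "benign": explain_sql(explain_prefix_vulnerable, query, verbose=True),
        "vulnerable": explain_sql(explain_prefix_vulnerable, query, **hostile),
    }
    try:
        explain_sql(explain_prefix_fixed, query, **hostile)
        result["fixed_rejected"] = False
    except ValueError as exc:
        result["fixed_rejected"] = True
        result["error"] = str(exc)
    # Crude tripwire: an EXPLAIN prefix should never contain a statement
    # terminator or a comment marker.
    result["injected"] = bool(re.search(r";|--", result["vulnerable"]))
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print("%-15s %s" % (key, value))
```

Note that in the vulnerable builder the ``--`` in the hostile key comments out the real query, so the statement sent to the server is ``EXPLAIN (VERBOSE) SELECT 1; ...`` and nothing from the caller's queryset survives. The hardened builder rejects the key before any SQL text is assembled, which is the property a fix needs: validate names against a closed set, never by escaping.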
https://build.opensuse.org/request/show/977872 updated openSUSE:Factory/python-Django to version 4.0.4 which includes the fix for this issue, and it has been further updated to 4.0.6 as of writing this comment. As such I think this bugzilla can be closed.
Done, closing.
openSUSE-SU-2023:0005-1: An update that solves 13 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1185713,1186608,1186611,1193240,1194115,1194116,1194117,1195086,1195088,1198297,1198398,1198399,1201923,1203793
CVE References: CVE-2021-32052,CVE-2021-33203,CVE-2021-33571,CVE-2021-44420,CVE-2021-45115,CVE-2021-45116,CVE-2021-45452,CVE-2022-22818,CVE-2022-23833,CVE-2022-28346,CVE-2022-28347,CVE-2022-36359,CVE-2022-41323
JIRA References:
Sources used:
openSUSE Backports SLE-15-SP3 (src): python-Django-2.2.28-bp153.2.3.1