mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-11-07 07:15:35 +00:00
Code Issues 32 Releases Wiki Activity

Fixed CVE-2025-64459 -- Prevented SQL injections in Q/QuerySet via the _connector kwarg.

Browse Source 
Thanks cyberstan for the report, Sarah Boyce, Adam Johnson, Simon
Charette, and Jake Howard for the reviews.
This commit is contained in:
Jacob Walls
2025-09-24 15:54:51 -04:00
committed by Natalia
parent c880530ddd
commit 98e642c691
5 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/releases/4.2.26.txt
View File

@@ -16,3 +16,10 @@ Windows. As a consequence, :class:`~django.http.HttpResponseRedirect`,
:func:`redirect() <django.shortcuts.redirect>` were subject to a potential
denial-of-service attack via certain inputs with a very large number of Unicode
characters (follow up to :cve:`2025-27556`).
CVE-2025-64459: Potential SQL injection via ``_connector`` keyword argument
===========================================================================
:meth:`.QuerySet.filter`, :meth:`~.QuerySet.exclude`, :meth:`~.QuerySet.get`,
and :class:`~.Q` were subject to SQL injection using a suitably crafted
dictionary, with dictionary expansion, as the ``_connector`` argument.

7
docs/releases/5.1.14.txt
View File

@@ -16,3 +16,10 @@ Windows. As a consequence, :class:`~django.http.HttpResponseRedirect`,
:func:`redirect() <django.shortcuts.redirect>` were subject to a potential
denial-of-service attack via certain inputs with a very large number of Unicode
characters (follow up to :cve:`2025-27556`).
CVE-2025-64459: Potential SQL injection via ``_connector`` keyword argument
===========================================================================
:meth:`.QuerySet.filter`, :meth:`~.QuerySet.exclude`, :meth:`~.QuerySet.get`,
and :class:`~.Q` were subject to SQL injection using a suitably crafted
dictionary, with dictionary expansion, as the ``_connector`` argument.

7
docs/releases/5.2.8.txt
View File

@@ -18,6 +18,13 @@ Windows. As a consequence, :class:`~django.http.HttpResponseRedirect`,
denial-of-service attack via certain inputs with a very large number of Unicode
characters (follow up to :cve:`2025-27556`).
CVE-2025-64459: Potential SQL injection via ``_connector`` keyword argument
===========================================================================
:meth:`.QuerySet.filter`, :meth:`~.QuerySet.exclude`, :meth:`~.QuerySet.get`,
and :class:`~.Q` were subject to SQL injection using a suitably crafted
dictionary, with dictionary expansion, as the ``_connector`` argument.
Bugfixes
========