diff options
| author | Jacob Walls <jacobtylerwalls@gmail.com> | 2025-09-24 15:54:51 -0400 |
|---|---|---|
| committer | Natalia <124304+nessita@users.noreply.github.com> | 2025-11-05 09:29:44 -0300 |
| commit | 06dd38324ac3d60d83d9f3adabf0dcdf423d2a85 (patch) | |
| tree | 44dfc7b5072cdc2d9bc1e5a07ab2a0a56f2abaaf /docs | |
| parent | 6e13348436fccf8f22982921d6a3a3e65c956a9f (diff) | |
[6.0.x] Fixed CVE-2025-64459 -- Prevented SQL injections in Q/QuerySet via the _connector kwarg.
Thanks cyberstan for the report, Sarah Boyce, Adam Johnson, Simon
Charette, and Jake Howard for the reviews.
Backport of 98e642c69181c942d60a10ca0085d48c6b3068bb from main.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/releases/4.2.26.txt | 7 | ||||
| -rw-r--r-- | docs/releases/5.1.14.txt | 7 | ||||
| -rw-r--r-- | docs/releases/5.2.8.txt | 7 |
3 files changed, 21 insertions, 0 deletions
diff --git a/docs/releases/4.2.26.txt b/docs/releases/4.2.26.txt index ae274c3361..20cf48f05c 100644 --- a/docs/releases/4.2.26.txt +++ b/docs/releases/4.2.26.txt @@ -16,3 +16,10 @@ Windows. As a consequence, :class:`~django.http.HttpResponseRedirect`, :func:`redirect() <django.shortcuts.redirect>` were subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters (follow up to :cve:`2025-27556`). + +CVE-2025-64459: Potential SQL injection via ``_connector`` keyword argument +=========================================================================== + +:meth:`.QuerySet.filter`, :meth:`~.QuerySet.exclude`, :meth:`~.QuerySet.get`, +and :class:`~.Q` were subject to SQL injection using a suitably crafted +dictionary, with dictionary expansion, as the ``_connector`` argument. diff --git a/docs/releases/5.1.14.txt b/docs/releases/5.1.14.txt index 8dba96e487..d762dbf3cd 100644 --- a/docs/releases/5.1.14.txt +++ b/docs/releases/5.1.14.txt @@ -16,3 +16,10 @@ Windows. As a consequence, :class:`~django.http.HttpResponseRedirect`, :func:`redirect() <django.shortcuts.redirect>` were subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters (follow up to :cve:`2025-27556`). + +CVE-2025-64459: Potential SQL injection via ``_connector`` keyword argument +=========================================================================== + +:meth:`.QuerySet.filter`, :meth:`~.QuerySet.exclude`, :meth:`~.QuerySet.get`, +and :class:`~.Q` were subject to SQL injection using a suitably crafted +dictionary, with dictionary expansion, as the ``_connector`` argument. diff --git a/docs/releases/5.2.8.txt b/docs/releases/5.2.8.txt index 947fce8d84..0a0038ba20 100644 --- a/docs/releases/5.2.8.txt +++ b/docs/releases/5.2.8.txt @@ -18,6 +18,13 @@ Windows. As a consequence, :class:`~django.http.HttpResponseRedirect`, denial-of-service attack via certain inputs with a very large number of Unicode characters (follow up to :cve:`2025-27556`). +CVE-2025-64459: Potential SQL injection via ``_connector`` keyword argument +=========================================================================== + +:meth:`.QuerySet.filter`, :meth:`~.QuerySet.exclude`, :meth:`~.QuerySet.get`, +and :class:`~.Q` were subject to SQL injection using a suitably crafted +dictionary, with dictionary expansion, as the ``_connector`` argument. + Bugfixes ======== |
