diff options
| author | Jake Howard <git@theorangeone.net> | 2025-08-13 13:13:42 +0100 |
|---|---|---|
| committer | Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> | 2025-09-03 13:10:58 +0200 |
| commit | 51711717098d3f469f795dfa6bc3758b24f69ef7 (patch) | |
| tree | 2d977f1069bc7840eda4061a4f54367c4cc8fe98 /docs | |
| parent | d044e25dc2106b94ebdedf0bfde9238be1a3765c (diff) | |
Fixed CVE-2025-57833 -- Protected FilteredRelation against SQL injection in column aliases.
Thanks Eyal Gabay (EyalSec) for the report.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/releases/4.2.24.txt | 7 | ||||
| -rw-r--r-- | docs/releases/5.1.12.txt | 7 | ||||
| -rw-r--r-- | docs/releases/5.2.6.txt | 7 |
3 files changed, 21 insertions, 0 deletions
diff --git a/docs/releases/4.2.24.txt b/docs/releases/4.2.24.txt index d6e198fb9c..e501483917 100644 --- a/docs/releases/4.2.24.txt +++ b/docs/releases/4.2.24.txt @@ -5,3 +5,10 @@ Django 4.2.24 release notes *September 3, 2025* Django 4.2.24 fixes a security issue with severity "high" in 4.2.23. + +CVE-2025-57833: Potential SQL injection in ``FilteredRelation`` column aliases +============================================================================== + +:class:`.FilteredRelation` was subject to SQL injection in column aliases, +using a suitably crafted dictionary, with dictionary expansion, as the +``**kwargs`` passed to :meth:`.QuerySet.annotate` or :meth:`.QuerySet.alias`. diff --git a/docs/releases/5.1.12.txt b/docs/releases/5.1.12.txt index 351d888398..dbc7ba279f 100644 --- a/docs/releases/5.1.12.txt +++ b/docs/releases/5.1.12.txt @@ -5,3 +5,10 @@ Django 5.1.12 release notes *September 3, 2025* Django 5.1.12 fixes a security issue with severity "high" in 5.1.11. + +CVE-2025-57833: Potential SQL injection in ``FilteredRelation`` column aliases +============================================================================== + +:class:`.FilteredRelation` was subject to SQL injection in column aliases, +using a suitably crafted dictionary, with dictionary expansion, as the +``**kwargs`` passed to :meth:`.QuerySet.annotate` or :meth:`.QuerySet.alias`. diff --git a/docs/releases/5.2.6.txt b/docs/releases/5.2.6.txt index 3a674b7411..a3eef1b1af 100644 --- a/docs/releases/5.2.6.txt +++ b/docs/releases/5.2.6.txt @@ -6,6 +6,13 @@ Django 5.2.6 release notes Django 5.2.6 fixes a security issue with severity "high" and one bug in 5.2.5. +CVE-2025-57833: Potential SQL injection in ``FilteredRelation`` column aliases +============================================================================== + +:class:`.FilteredRelation` was subject to SQL injection in column aliases, +using a suitably crafted dictionary, with dictionary expansion, as the +``**kwargs`` passed to :meth:`.QuerySet.annotate` or :meth:`.QuerySet.alias`. + Bugfixes ======== |
