diff options
| author | Jacob Walls <jacobtylerwalls@gmail.com> | 2025-09-24 15:54:51 -0400 |
|---|---|---|
| committer | Natalia <124304+nessita@users.noreply.github.com> | 2025-11-05 09:33:15 -0300 |
| commit | 6703f364d767e949c5b0e4016433ef75063b4f9b (patch) | |
| tree | 361d096595aec087af9e80a8a396ae50a2d97922 /docs | |
| parent | 4f5d904b63751dea9ffc3b0e046404a7fa5881ac (diff) | |
[5.2.x] Fixed CVE-2025-64459 -- Prevented SQL injections in Q/QuerySet via the _connector kwarg.
Thanks cyberstan for the report, Sarah Boyce, Adam Johnson, Simon
Charette, and Jake Howard for the reviews.
Backport of c880530ddd4fabd5939bab0e148bebe36699432a from main.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/releases/4.2.26.txt | 7 | ||||
| -rw-r--r-- | docs/releases/5.1.14.txt | 7 | ||||
| -rw-r--r-- | docs/releases/5.2.8.txt | 7 |
3 files changed, 21 insertions, 0 deletions
diff --git a/docs/releases/4.2.26.txt b/docs/releases/4.2.26.txt index ae274c3361..20cf48f05c 100644 --- a/docs/releases/4.2.26.txt +++ b/docs/releases/4.2.26.txt @@ -16,3 +16,10 @@ Windows. As a consequence, :class:`~django.http.HttpResponseRedirect`, :func:`redirect() <django.shortcuts.redirect>` were subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters (follow up to :cve:`2025-27556`). + +CVE-2025-64459: Potential SQL injection via ``_connector`` keyword argument +=========================================================================== + +:meth:`.QuerySet.filter`, :meth:`~.QuerySet.exclude`, :meth:`~.QuerySet.get`, +and :class:`~.Q` were subject to SQL injection using a suitably crafted +dictionary, with dictionary expansion, as the ``_connector`` argument. diff --git a/docs/releases/5.1.14.txt b/docs/releases/5.1.14.txt index 8dba96e487..d762dbf3cd 100644 --- a/docs/releases/5.1.14.txt +++ b/docs/releases/5.1.14.txt @@ -16,3 +16,10 @@ Windows. As a consequence, :class:`~django.http.HttpResponseRedirect`, :func:`redirect() <django.shortcuts.redirect>` were subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters (follow up to :cve:`2025-27556`). + +CVE-2025-64459: Potential SQL injection via ``_connector`` keyword argument +=========================================================================== + +:meth:`.QuerySet.filter`, :meth:`~.QuerySet.exclude`, :meth:`~.QuerySet.get`, +and :class:`~.Q` were subject to SQL injection using a suitably crafted +dictionary, with dictionary expansion, as the ``_connector`` argument. diff --git a/docs/releases/5.2.8.txt b/docs/releases/5.2.8.txt index 947fce8d84..0a0038ba20 100644 --- a/docs/releases/5.2.8.txt +++ b/docs/releases/5.2.8.txt @@ -18,6 +18,13 @@ Windows. As a consequence, :class:`~django.http.HttpResponseRedirect`, denial-of-service attack via certain inputs with a very large number of Unicode characters (follow up to :cve:`2025-27556`). +CVE-2025-64459: Potential SQL injection via ``_connector`` keyword argument +=========================================================================== + +:meth:`.QuerySet.filter`, :meth:`~.QuerySet.exclude`, :meth:`~.QuerySet.get`, +and :class:`~.Q` were subject to SQL injection using a suitably crafted +dictionary, with dictionary expansion, as the ``_connector`` argument. + Bugfixes ======== |
