diff options
| author | Jake Howard <git@theorangeone.net> | 2025-08-13 14:13:42 +0200 |
|---|---|---|
| committer | Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> | 2025-09-03 13:15:55 +0200 |
| commit | 4c044fcc866ec226f612c475950b690b0139d243 (patch) | |
| tree | e123e7217282c000135f3d2a29c55b0f337e67b2 /docs | |
| parent | e87ca3d6fa6fb12e06f9c755ecd3ebc3a528e02b (diff) | |
[5.2.x] Fixed CVE-2025-57833 -- Protected FilteredRelation against SQL injection in column aliases.
Thanks Eyal Gabay (EyalSec) for the report.
Backport of 51711717098d3f469f795dfa6bc3758b24f69ef7 from main.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/releases/4.2.24.txt | 7 | ||||
| -rw-r--r-- | docs/releases/5.1.12.txt | 7 | ||||
| -rw-r--r-- | docs/releases/5.2.6.txt | 7 |
3 files changed, 21 insertions, 0 deletions
diff --git a/docs/releases/4.2.24.txt b/docs/releases/4.2.24.txt index d6e198fb9c..e501483917 100644 --- a/docs/releases/4.2.24.txt +++ b/docs/releases/4.2.24.txt @@ -5,3 +5,10 @@ Django 4.2.24 release notes *September 3, 2025* Django 4.2.24 fixes a security issue with severity "high" in 4.2.23. + +CVE-2025-57833: Potential SQL injection in ``FilteredRelation`` column aliases +============================================================================== + +:class:`.FilteredRelation` was subject to SQL injection in column aliases, +using a suitably crafted dictionary, with dictionary expansion, as the +``**kwargs`` passed to :meth:`.QuerySet.annotate` or :meth:`.QuerySet.alias`. diff --git a/docs/releases/5.1.12.txt b/docs/releases/5.1.12.txt index 351d888398..dbc7ba279f 100644 --- a/docs/releases/5.1.12.txt +++ b/docs/releases/5.1.12.txt @@ -5,3 +5,10 @@ Django 5.1.12 release notes *September 3, 2025* Django 5.1.12 fixes a security issue with severity "high" in 5.1.11. + +CVE-2025-57833: Potential SQL injection in ``FilteredRelation`` column aliases +============================================================================== + +:class:`.FilteredRelation` was subject to SQL injection in column aliases, +using a suitably crafted dictionary, with dictionary expansion, as the +``**kwargs`` passed to :meth:`.QuerySet.annotate` or :meth:`.QuerySet.alias`. diff --git a/docs/releases/5.2.6.txt b/docs/releases/5.2.6.txt index 3a674b7411..a3eef1b1af 100644 --- a/docs/releases/5.2.6.txt +++ b/docs/releases/5.2.6.txt @@ -6,6 +6,13 @@ Django 5.2.6 release notes Django 5.2.6 fixes a security issue with severity "high" and one bug in 5.2.5. +CVE-2025-57833: Potential SQL injection in ``FilteredRelation`` column aliases +============================================================================== + +:class:`.FilteredRelation` was subject to SQL injection in column aliases, +using a suitably crafted dictionary, with dictionary expansion, as the +``**kwargs`` passed to :meth:`.QuerySet.annotate` or :meth:`.QuerySet.alias`. + Bugfixes ======== |