PT-2022-2357 · Django+6
Danylo Dmytriiev +6
Published 2022-04-11 · Updated 2026-01-03
CVE-2022-28346
CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Django versions 2.2 before 2.2.28
Django versions 3.2 before 3.2.13
Django versions 4.0 before 4.0.4

Description

An issue was discovered in the QuerySet.annotate(), aggregate(), and extra() methods, which are subject to SQL injection in column aliases via a crafted dictionary passed as **kwargs. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations

For Django versions 2.2 before 2.2.28, update to version 2.2.28 or later. For Django versions 3.2 before 3.2.13, update to version 3.2.13 or later. For Django versions 4.0 before 4.0.4, update to version 4.0.4 or later. As a temporary workaround, consider restricting the use of the QuerySet.annotate(), aggregate(), and extra() methods until a patch is available. Avoid passing crafted (attacker-controlled) dictionaries as **kwargs to these methods to minimize the risk of exploitation.
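The workaround above amounts to never letting request data choose the dictionary keys that become column aliases. The following is an added example (not code from the advisory or from the Django project) of the defensive pattern: the vulnerable shape is shown only in a comment, and the untrusted mapping is validated against a strict identifier allowlist before it is splatted into annotate()/aggregate(). The Sum stand-in class and the product model fields are assumptions so the snippet runs without Django installed.

```python
import re

# Strict allowlist for anything that will become a SQL column alias:
# a plain identifier, so whitespace, quotes, semicolons and comment
# sequences can never reach the query builder (stricter than needed).
_IDENT_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")

# Hypothetical model fields callers may aggregate over (assumption).
_AGGREGATABLE_FIELDS = {"price", "quantity"}


class Sum:
    """Stand-in for django.db.models.Sum so the example runs offline."""
    def __init__(self, field: str) -> None:
        self.field = field


def check_alias(alias: str) -> str:
    """Return alias unchanged if it is a plain identifier, else raise."""
    if not isinstance(alias, str) or not _IDENT_RE.fullmatch(alias):
        raise ValueError(f"invalid column alias: {alias!r}")
    return alias


def rejects(alias) -> bool:
    """True if check_alias() refuses the alias (used by the tests)."""
    try:
        check_alias(alias)
    except ValueError:
        return True
    return False


def build_aggregate_kwargs(requested: dict) -> dict:
    """Convert an untrusted {alias: field} mapping (e.g. parsed from a
    request body) into kwargs safe to pass to aggregate()/annotate().

    Vulnerable shape this replaces (alias comes straight from the client):
        Product.objects.aggregate(**{request.GET["alias"]: Sum("price")})
    """
    safe = {}
    for alias, field in requested.items():
        check_alias(alias)                       # key becomes the alias
        if field not in _AGGREGATABLE_FIELDS:    # value is server-chosen
            raise ValueError(f"field not allowed: {field!r}")
        safe[alias] = Sum(field)
    return safe                                  # e.g. Product.objects.aggregate(**safe)
```

The same alias validation applies to the keys of the select dictionary given to extra(), which accepts raw SQL and should not take client input at all.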

Tags: Exploit · Fix · DoS · SQL injection

Weakness Enumeration

Related Identifiers

ALT-PU-2022-1670
ALT-PU-2022-1677
BDU:2022-02671
BIT-DJANGO-2022-28346
CVE-2022-28346
DLA-2982-1
DLA-3177-1
DSA-5254-1
GHSA-2GWJ-7JMV-H26R
MGASA-2022-0190
OESA-2022-1642
OPENSUSE-SU-2023:0005-1
OPENSUSE-SU-2024:12094-1
OPENSUSE-SU-2024:14208-1
OPENSUSE-SU-2025:14662-1
OPENSUSE-SU-2026:10005-1
PYSEC-2022-190
RHSA-2022:5115
RHSA-2022:5498
RHSA-2022:5602
RHSA-2022:5702
RHSA-2022:5703
RHSA-2022:8872
RLSA-2022:5498
RLSA-2022_5498
SUSE-SU-2022:3338-1
SUSE-SU-2022:3339-1
SUSE-SU-2024:2817-1
USN-5373-1
USN-5373-2

Affected Products

Alt Linux
Astra Linux
Django
Linuxmint
Red Os
Rocky Linux
Ubuntu