Lucene search
GoogleOSV:CVE-2021-35042HistoryJul 02, 2021 - 10:15 a.m.
CVE-2021-35042
2021-07-0210:15:07
Google
osv.dev
13
cve-2021-35042
django
queryset.order_by
sql injection
web application
software
Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application.
References
docs.djangoproject.com/en/3.2/releases/security/
groups.google.com/forum/#%21forum/django-announce
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SS6NJTBYWOX6J7G4U3LUOILARJKWPQ5Y/
security.netapp.com/advisory/ntap-20210805-0008/
www.djangoproject.com/weblog/2021/jul/01/security-releases/
www.openwall.com/lists/oss-security/2021/07/02/2
Related
archlinux
archlinux
[ASA-202107-11] python-django: insufficient validation
2021-07-03 00:00:00
ubuntucve
ubuntucve
CVE-2021-35042
2021-07-01 00:00:00
githubexploit
githubexploit
Exploit for SQL Injection in Djangoproject Django
2021-09-24 15:30:25
Exploit for SQL Injection in Djangoproject Django
2021-07-10 12:38:52
Exploit for SQL Injection in Djangoproject Django
2023-05-18 00:35:20
altlinux
altlinux
openvas
openvas
Django 3.1 < 3.1.13, 3.2 < 3.2.5 SQLi Vulnerability - Windows
2021-07-05 00:00:00
Django 3.1 < 3.1.13, 3.2 < 3.2.5 SQLi Vulnerability - Linux
2021-07-05 00:00:00
Fedora: Security Advisory for python-django (FEDORA-2021-78e501d62a)
2021-08-18 00:00:00
nvd
nvd
CVE-2021-35042
2021-07-02 10:15:07
redhatcve
redhatcve
CVE-2021-35042
2021-07-01 17:23:11
osv
osv
SQL Injection in Django
2021-09-22 17:34:49
BIT-django-2021-35042
2024-03-06 10:54:20
PYSEC-2021-109
2021-07-02 10:15:00
github
github
SQL Injection in Django
2021-09-22 17:34:49
fedora
fedora
[SECURITY] Fedora 34 Update: python-django-3.1.13-1.fc34
2021-08-18 01:12:29
alpinelinux
alpinelinux
CVE-2021-35042
2021-07-02 10:15:07
cvelist
cvelist
CVE-2021-35042
2021-07-02 09:54:11
prion
prion
Sql injection
2021-07-02 10:15:00
debiancve
debiancve
CVE-2021-35042
2021-07-02 10:15:07
cve
cve
CVE-2021-35042
2021-07-02 10:15:07
mageia
mageia
Updated python-django package fixes security vulnerabilities
2021-07-16 11:25:31