Lucene search
GoogleOSV:PYSEC-2021-109HistoryJul 02, 2021 - 10:15 a.m.
PYSEC-2021-109
2021-07-0210:15:00
Google
osv.dev
45
django security
sql injection
queryset.order_by
untrusted input
web application
software
EPSS
0.003
Percentile
65.5%
Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application.
Related
archlinux
archlinux
[ASA-202107-11] python-django: insufficient validation
2021-07-03 00:00:00
ubuntucve
ubuntucve
CVE-2021-35042
2021-07-01 00:00:00
githubexploit
githubexploit
Exploit for SQL Injection in Djangoproject Django
2021-09-24 15:30:25
Exploit for SQL Injection in Djangoproject Django
2021-07-10 12:38:52
Exploit for SQL Injection in Djangoproject Django
2023-05-18 00:35:20
altlinux
altlinux
openvas
openvas
Django 3.1 < 3.1.13, 3.2 < 3.2.5 SQLi Vulnerability - Windows
2021-07-05 00:00:00
Fedora: Security Advisory for python-django (FEDORA-2021-78e501d62a)
2021-08-18 00:00:00
Django 3.1 < 3.1.13, 3.2 < 3.2.5 SQLi Vulnerability - Linux
2021-07-05 00:00:00
nvd
nvd
CVE-2021-35042
2021-07-02 10:15:07
fedora
fedora
[SECURITY] Fedora 34 Update: python-django-3.1.13-1.fc34
2021-08-18 01:12:29
osv
osv
CVE-2021-35042
2021-07-02 10:15:07
BIT-django-2021-35042
2024-03-06 10:54:20
SQL Injection in Django
2021-09-22 17:34:49
alpinelinux
alpinelinux
CVE-2021-35042
2021-07-02 10:15:07
cvelist
cvelist
CVE-2021-35042
2021-07-02 09:54:11
redhatcve
redhatcve
CVE-2021-35042
2021-07-01 17:23:11
github
github
SQL Injection in Django
2021-09-22 17:34:49
prion
prion
Sql injection
2021-07-02 10:15:00
debiancve
debiancve
CVE-2021-35042
2021-07-02 10:15:07
cve
cve
CVE-2021-35042
2021-07-02 10:15:07
mageia
mageia
Updated python-django package fixes security vulnerabilities
2021-07-16 11:25:31