Ubuntu Security Notice USN-5373-1

Discussion in 'News Aggregator' started by Packet Storm, 12 Apr 2022.

  1. Packet Storm

    Packet Storm Guest

    Ubuntu Security Notice 5373-1 - It was discovered that Django incorrectly handled certain certain column aliases in the QuerySet.annotate, aggregate, and extra methods. A remote attacker could possibly use this issue to perform an SQL injection attack. It was discovered that Django incorrectly handled certain option names in the QuerySet.explain method. A remote attacker could possibly use this issue to perform an SQL injection attack. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 21.10.

    Continue reading...
     
    #1 Packet Storm, 12 Apr 2022
(You must log in or sign up to post here.)

Share This Page

Loading...