Debian update for python-django



Published: 2022-10-16
Risk High
Patch available YES
Number of vulnerabilities 7
CVE-ID CVE-2022-22818
CVE-2022-23833
CVE-2022-28346
CVE-2022-28347
CVE-2022-34265
CVE-2022-36359
CVE-2022-41323
CWE-ID CWE-79
CWE-835
CWE-89
CWE-451
CWE-20
Exploitation vector Network
Public exploit Public exploit code for vulnerability #3 is available.
Public exploit code for vulnerability #5 is available.
Vulnerable software
Subscribe 		Debian Linux
Operating systems & Components / Operating system

python-django (Debian package)
Operating systems & Components / Operating system package or component

Vendor Debian

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Cross-site scripting

EUVDB-ID: #VU60197

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-22818

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data when displaying information via the {% debug %} tag. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Update python-django package to version 2:2.2.28-1~deb11u1.

Vulnerable software versions

Debian Linux: All versions

python-django (Debian package): before 2:2.2.28-1~deb11u1

CPE2.3 External links

http://www.debian.org/security/2022/dsa-5254

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Infinite loop

EUVDB-ID: #VU60198

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-23833

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when parsing files. A remote attacker can upload a specially crafted file  to the server, consume all available system resources and cause denial of service conditions.

Mitigation

Update python-django package to version 2:2.2.28-1~deb11u1.

Vulnerable software versions

Debian Linux: All versions

python-django (Debian package): before 2:2.2.28-1~deb11u1

CPE2.3 External links

http://www.debian.org/security/2022/dsa-5254

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) SQL injection

EUVDB-ID: #VU62050

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-28346

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data within the QuerySet.annotate(), aggregate(), and extra() methods. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Mitigation

Update python-django package to version 2:2.2.28-1~deb11u1.

Vulnerable software versions

Debian Linux: All versions

python-django (Debian package): before 2:2.2.28-1~deb11u1

CPE2.3 External links

http://www.debian.org/security/2022/dsa-5254

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) SQL injection

EUVDB-ID: #VU62051

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-28347

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data within the QuerySet.explain() method. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Mitigation

Update python-django package to version 2:2.2.28-1~deb11u1.

Vulnerable software versions

Debian Linux: All versions

python-django (Debian package): before 2:2.2.28-1~deb11u1

CPE2.3 External links

http://www.debian.org/security/2022/dsa-5254

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) SQL injection

EUVDB-ID: #VU64905

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-34265

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data within Trunc(kind) and Extract(lookup_name) arguments. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Mitigation

Update python-django package to version 2:2.2.28-1~deb11u1.

Vulnerable software versions

Debian Linux: All versions

python-django (Debian package): before 2:2.2.28-1~deb11u1

CPE2.3 External links

http://www.debian.org/security/2022/dsa-5254

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Spoofing attack

EUVDB-ID: #VU66019

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-36359

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data in the FileResponse method. A remote attacker can spoof content of downloaded file and perform reflected file download (RFD) attack.

Mitigation

Update python-django package to version 2:2.2.28-1~deb11u1.

Vulnerable software versions

Debian Linux: All versions

python-django (Debian package): before 2:2.2.28-1~deb11u1

CPE2.3 External links

http://www.debian.org/security/2022/dsa-5254

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Input validation error

EUVDB-ID: #VU67893

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-41323

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input passed via the locale parameter in internationalized URLs. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update python-django package to version 2:2.2.28-1~deb11u1.

Vulnerable software versions

Debian Linux: All versions

python-django (Debian package): before 2:2.2.28-1~deb11u1

CPE2.3 External links

http://www.debian.org/security/2022/dsa-5254

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###