- Description
- An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)
- Source
- cve@mitre.org
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-89
- Hype score
- Not currently trending
Two vulnerabilities have been published for Django, with identifiers CVE-2024-53907 (DoS) and CVE-2024-53908 (SQL injection). The vulnerabilities affect Django versions 5.1, 5.0 and 4.2. Django has released the necessary update to patch this vulnerability. https://t.co/Poz3aKY03t
@AmirHossein_sec
13 Dec 2024
CVE-2024-53908 (CVSS:9.8, CRITICAL) is Received. An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django..https://t.co/ZCQAKbN3gm #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
11 Dec 2024
Security patches addressing serious vulnerabilities in the Python framework Django have been released (CVE-2024-53908, CVE-2024-53907). https://t.co/tcABC9ECa3
@01Programing
9 Dec 2024
Threat Alert: Django Releases Patches for CVE-2024-53907 and CVE-2024-53908 to Mitigate DoS an CVE-2024-53907 CVE-2024-53908 Severity: 🔴 High Maturity: 💢 Emerging Learn more: https://t.co/HLm2OS7OAW #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
7 Dec 2024
Django Releases Patches for CVE-2024-53907 and CVE-2024-53908 to Mitigate DoS and SQLi Threats https://t.co/BlkBJhIIX1
@Dinosn
6 Dec 2024