CVE-2025-64459
Description
An issue was discovered in Django 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. The methods QuerySet.filter(), QuerySet.exclude(), and QuerySet.get(), and the class Q(), are subject to SQL injection when a suitably crafted dictionary is passed with dictionary expansion (the ** operator), so that an attacker-controlled key reaches the _connector argument; the connector string is placed into the generated SQL rather than bound as a query parameter. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank cyberstan for reporting this issue.
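The following is an added example, not Django's own code and not part of the advisory. It models the flaw with a toy WHERE-clause builder whose conditions are joined with the connector string verbatim (the property the description relies on), shows how ** expansion of an untrusted dict binds a key named "_connector" to the keyword parameter instead of treating it as a field lookup, and shows the two checks a practitioner wants regardless of Django version: an allowlist of field names before expansion, and validation of the connector at the sink. The function names, the ALLOWED_LOOKUPS set and the sample request dicts are assumptions made up for the example.

```python
"""Added example (not Django's code): why ``filter(**untrusted)`` lets an
attacker reach the ``_connector`` keyword, and two ways to stop it.

The builder below is a deliberately small stand-in for an ORM WHERE node; it is
not Django's implementation, only the property that matters here: values are
bound as parameters, but the connector is interpolated into the SQL string.
"""

ALLOWED_LOOKUPS = {"username", "email", "is_active"}   # assumption for the example
VALID_CONNECTORS = {"AND", "OR"}


def build_where(lookups, connector="AND"):
    """Join ``column = %s`` clauses with ``connector``; returns (sql, params).

    Values never touch the SQL text (parameterised), but ``connector`` is
    pasted in as-is, so an attacker who controls it controls the SQL.
    """
    clauses = [f'"{col}" = %s' for col in lookups]
    params = list(lookups.values())
    return f" {connector} ".join(clauses), params


def vulnerable_filter(untrusted):
    """Vulnerable pattern: expand a request dict straight into a Q-like call.

    ``q`` mirrors the shape ``Q(*args, _connector=None, **kwargs)``: any key that
    is not a declared parameter becomes a field lookup, but a key that happens to
    be named ``_connector`` binds to the keyword parameter instead.
    """
    def q(*, _connector=None, **lookups):
        return build_where(lookups, _connector or "AND")

    return q(**untrusted)


def hardened_filter(untrusted):
    """Caller-side fix: only allow-listed field names may be expanded.

    Anything starting with an underscore (reserved/private keyword names) or not
    in ALLOWED_LOOKUPS is rejected before it can reach the ORM.
    """
    bad = sorted(k for k in untrusted if k.startswith("_") or k not in ALLOWED_LOOKUPS)
    if bad:
        raise ValueError(f"rejected filter keys: {bad}")
    return build_where(dict(untrusted))


def build_where_checked(lookups, connector="AND"):
    """Sink-side fix: refuse any connector that is not a known keyword.

    This is the example's own check, not a claim about how Django patched it.
    """
    if connector not in VALID_CONNECTORS:
        raise ValueError(f"invalid connector: {connector!r}")
    return build_where(lookups, connector)


def is_rejected(fn, *args, **kwargs):
    """True if ``fn`` raises ValueError on the given input (helper for checks)."""
    try:
        fn(*args, **kwargs)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed attacker-controlled query-string dict for the example.
    evil = {"username": "alice", "is_active": True, "_connector": "OR 1=1 OR"}
    print("vulnerable:", vulnerable_filter(evil))
    # -> ('"username" = %s OR 1=1 OR "is_active" = %s', ['alice', True])
    print("hardened rejects:", is_rejected(hardened_filter, evil))
    print("sink rejects:", is_rejected(build_where_checked, {"username": "alice"}, "OR 1=1 OR"))
```

The second argument to ``build_where_checked`` in the last line is the connector, passed positionally. Both checks belong in an application: the allowlist because user input should never be keyword-expanded into an ORM call, and the connector check because it is the sink that matters; upgrading to a fixed Django release (4.2.26, 5.1.14 or 5.2.8) is still the actual remediation for this CVE.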
Risk Information
Base Score
9.1
CRITICAL (CVSS v3.1 qualitative rating for a base score of 9.0 to 10.0; the vector below gives high confidentiality and integrity impact, no availability impact, network-reachable, no privileges or user interaction required)
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.191 (EPSS estimate of the probability of exploitation activity in the next 30 days, i.e. about 19%)
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2025-64458,CVE-2025-64459 are fixed in Python-django 4.2.26 | Windows |
| Vulnerabilities CVE-2025-64458,CVE-2025-64459 are fixed in Python-django 5.1.14 | Windows |
| Vulnerabilities CVE-2025-64458,CVE-2025-64459 are fixed in Python-django 5.2.8 | Windows |
| Vulnerabilities CVE-2025-64458,CVE-2025-64459 are fixed in Python-django for linux 4.2.26 | Linux |
| Vulnerabilities CVE-2025-64458,CVE-2025-64459 are fixed in Python-django for linux 5.1.14 | Linux |
| Vulnerabilities CVE-2025-64458,CVE-2025-64459 are fixed in Python-django for linux 5.2.8 | Linux |
Patch Details
No records found
References
https://nvd.nist.gov/vuln/detail/CVE-2025-64459
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459