Django’s new releases address the SQL Injection vulnerability

Django, an open source Python-based web framework, has recently released fixes for a high-severity vulnerability.

The potential SQL injection vulnerability affects Django’s main branch, as well as versions 4.1 (currently in beta), 4.0, and 3.2; patches and new releases have been issued to address it.

According to some estimates, tens of thousands of websites use Django as their Model-Template-View framework of choice.

The potential SQL injection vulnerability, tracked as CVE-2022-34265, affects the Django main branch and versions 4.1 (currently in beta), 4.0, and 3.2; patches and new releases are available.

A high severity SQL injection vulnerability exists in Django 4.0.6 and Django 3.2.14.

A threat actor could exploit this vulnerability to attack Django web applications via the arguments passed to the Trunc(kind) and Extract(lookup_name) functions.

Patches have been applied to the Django main branch as well as the 4.1, 4.0, and 3.2 version branches to resolve the issue.
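
Because the injection point is the kind and lookup_name arguments, an application can also constrain them to a fixed allowlist before they reach the ORM. The following is an added example, not code from the article or the Django project; the helper names are hypothetical, and the allowed values are the ones Django documents for Trunc and Extract.

```python
# Added example: allowlist checks for Trunc(kind) / Extract(lookup_name).
TRUNC_KINDS = frozenset({
    "year", "quarter", "month", "week", "day",
    "hour", "minute", "second", "date", "time",
})
EXTRACT_LOOKUPS = frozenset({
    "year", "iso_year", "quarter", "month", "day", "week",
    "week_day", "iso_week_day", "hour", "minute", "second",
})


class UnsafeDateArgument(ValueError):
    """Raised when a request-supplied kind/lookup_name is not allowlisted."""


def _validated(raw, allowed, label):
    # Reject non-strings (e.g. a list built from a repeated query parameter).
    if not isinstance(raw, str):
        raise UnsafeDateArgument(f"{label} must be a string")
    # Exact match only: no stripping, case folding or partial matching.
    if raw not in allowed:
        raise UnsafeDateArgument(f"{label} {raw!r} is not allowed")
    return raw


def safe_trunc(field, raw_kind):
    """Build Trunc(field, kind) only after raw_kind passes the allowlist."""
    kind = _validated(raw_kind, TRUNC_KINDS, "kind")
    from django.db.models.functions import Trunc  # lazy: needs Django installed
    return Trunc(field, kind)


def safe_extract(field, raw_lookup):
    """Build Extract(field, lookup_name) only after the allowlist check."""
    lookup = _validated(raw_lookup, EXTRACT_LOOKUPS, "lookup_name")
    from django.db.models.functions import Extract  # lazy: needs Django installed
    return Extract(field, lookup)


def check_request_params(params):
    """Return (ok, errors) for a dict of request parameters."""
    errors = []
    for key, allowed in (("kind", TRUNC_KINDS), ("lookup_name", EXTRACT_LOOKUPS)):
        try:
            if key in params:
                _validated(params[key], allowed, key)
        except UnsafeDateArgument as exc:
            errors.append(str(exc))
    return (not errors, errors)
```

Validation runs before any ORM object is built, so a rejected value never reaches SQL generation.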
