In Django versions 4.0, 4.1 (beta), and 3.2, `Trunc()` and `Extract()` database functions were subject to SQL injection if untrusted data was used as a `lookup_name`/`kind` value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.
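The mitigation in the last sentence is an allowlist: the `kind`/`lookup_name` handed to `Trunc()`/`Extract()` must be one of a fixed set of known values, never the raw request parameter. The following is an added example (not Django's code and not from the Red Hat advisory) of that check. The allowed sets are the kinds and lookup names Django documents for these functions; the helper names and the `granularity`/`part` query parameters are hypothetical, and the sample inputs are constructed.

```python
"""Allowlist untrusted Trunc()/Extract() arguments before they reach the ORM.

Added example, not Django's or Red Hat's code. It models the advisory's
mitigation: the value passed as Trunc(kind=...) or Extract(lookup_name=...)
is taken from a fixed set of known-safe constants, never straight from the
request. Helper names and the 'granularity'/'part' parameters are hypothetical.
"""
from typing import Mapping

# Kinds Django documents for Trunc(); TruncDate/TruncTime cover "date"/"time".
TRUNC_KINDS = frozenset(
    {"year", "quarter", "month", "week", "day", "hour", "minute", "second"}
)

# Lookup names Django documents for Extract().
EXTRACT_LOOKUPS = frozenset(
    {"year", "iso_year", "quarter", "month", "day", "week",
     "week_day", "iso_week_day", "hour", "minute", "second"}
)


class UnsafeLookupName(ValueError):
    """Raised when the request supplies a value outside the allowlist."""


def validate_lookup_name(value, allowed: frozenset) -> str:
    """Return `value` only if it is exactly one of the allowed constants.

    Exact string membership only: no case folding, stripping or mapping, so the
    object forwarded to the ORM is one of the constants above and nothing else.
    """
    if not isinstance(value, str) or value not in allowed:
        raise UnsafeLookupName(f"rejected lookup name: {value!r}")
    return value


def build_trunc_kwargs(params: Mapping[str, str], default: str = "day") -> dict:
    """Keyword arguments for Trunc() derived from request query parameters.

    `params` stands in for request.GET (hypothetical 'granularity' key). A
    missing parameter falls back to `default`; a present-but-invalid one is
    rejected rather than silently replaced, so tampering shows up in logs.
    """
    kind = params.get("granularity", default)
    return {"kind": validate_lookup_name(kind, TRUNC_KINDS)}


def build_extract_kwargs(params: Mapping[str, str], default: str = "month") -> dict:
    """Keyword arguments for Extract() derived from request query parameters."""
    lookup = params.get("part", default)
    return {"lookup_name": validate_lookup_name(lookup, EXTRACT_LOOKUPS)}


def is_safe_request(params: Mapping[str, str]) -> bool:
    """True if every supplied parameter is allowlisted, False otherwise."""
    try:
        build_trunc_kwargs(params)
        build_extract_kwargs(params)
    except UnsafeLookupName:
        return False
    return True


if __name__ == "__main__":
    # Constructed sample query strings: valid, defaulted, wrong case, unknown word.
    samples = [
        {"granularity": "month", "part": "year"},
        {},
        {"granularity": "MONTH"},
        {"part": "fortnight"},
    ]
    for params in samples:
        print(params, "->", "accepted" if is_safe_request(params) else "rejected")
    # In a view the validated kwargs would be spliced into the ORM call, e.g.
    #   qs.annotate(period=Trunc("created", **build_trunc_kwargs(request.GET)))
```

The design point is that the allowlist is the only path from request to ORM: a value either matches a documented constant exactly and is returned unchanged, or the request is rejected before any database function object is built.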
Created python-django tracking bugs for this issue:
Affects: epel-7 [bug 2105207]
Affects: epel-8 [bug 2105210]
Affects: fedora-35 [bug 2105214]
Affects: fedora-36 [bug 2105215]
Affects: openstack-rdo [bug 2105216]

Created python-django16 tracking bugs for this issue:
Affects: epel-7 [bug 2105209]

Created python-django3 tracking bugs for this issue:
Affects: epel-8 [bug 2105212]
This issue has been addressed in the following products: RHUI 4 for RHEL 8 Via RHSA-2022:5738 https://access.redhat.com/errata/RHSA-2022:5738
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-34265
This issue has been addressed in the following products: Red Hat Satellite 6.12 for RHEL 8 Via RHSA-2022:8506 https://access.redhat.com/errata/RHSA-2022:8506