{
	"document":{
		"aggregate_severity":{
			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
			"text":"Critical"
		},
		"category":"csaf_vex",
		"csaf_version":"2.0",
		"distribution":{
			"tlp":{
				"label":"WHITE",
				"url":"https://www.first.org/tlp/"
			}
		},
		"lang":"en",
		"notes":[
			{
				"text":"python-django security update",
				"category":"general",
				"title":"Synopsis"
			},
			{
				"text":"An update for python-django is now available for openEuler-22.03-LTS-SP4",
				"category":"general",
				"title":"Summary"
			},
			{
				"text":"A high-level Python Web framework that encourages rapid development and clean, pragmatic design.\n\nSecurity Fix(es):\n\nAn issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to these methods on MySQL and MariaDB.(CVE-2025-59681)\n\nA vulnerability, reported upstream as critical, was found in Django up to 4.2.24/5.1.12/5.2.6. The weakness is classified as CWE-22 (path traversal): the product uses external input to construct a pathname that is intended to identify a file or directory located underneath a restricted parent directory, but does not properly neutralize special elements within the pathname, so the pathname can resolve to a location outside of the restricted directory. The generic CWE-22 description lists confidentiality, integrity, and availability as potentially impacted; however, the CVSS v3.1 vector recorded for this CVE in this advisory (AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N, base score 3.1, Low) rates only a low integrity impact, and the Critical aggregate severity of this update derives from CVE-2025-59681. Upgrading to version 4.2.25, 5.1.13 or 5.2.7 eliminates this vulnerability.(CVE-2025-59682)",
				"category":"general",
				"title":"Description"
			},
			{
				"text":"An update for python-django is now available for openEuler-22.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
				"category":"general",
				"title":"Topic"
			},
			{
				"text":"Critical",
				"category":"general",
				"title":"Severity"
			},
			{
				"text":"python-django",
				"category":"general",
				"title":"Affected Component"
			}
		],
		"publisher":{
			"issuing_authority":"openEuler security committee",
			"name":"openEuler",
			"namespace":"https://www.openeuler.org",
			"contact_details":"openeuler-security@openeuler.org",
			"category":"vendor"
		},
		"references":[
			{
				"summary":"openEuler-SA-2025-2461",
				"category":"self",
				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2461"
			},
			{
				"summary":"CVE-2025-59681",
				"category":"self",
				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-59681&packageName=python-django"
			},
			{
				"summary":"CVE-2025-59682",
				"category":"self",
				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-59682&packageName=python-django"
			},
			{
				"summary":"nvd cve",
				"category":"external",
				"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-59681"
			},
			{
				"summary":"nvd cve",
				"category":"external",
				"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-59682"
			},
			{
				"summary":"openEuler-SA-2025-2461 vex file",
				"category":"self",
				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openeuler-sa-2025-2461.json"
			}
		],
		"title":"An update for python-django is now available for openEuler-22.03-LTS-SP4",
		"tracking":{
			"initial_release_date":"2025-10-17T22:57:20+08:00",
			"revision_history":[
				{
					"date":"2025-10-17T22:57:20+08:00",
					"summary":"Initial",
					"number":"1.0.0"
				}
			],
			"generator":{
				"date":"2025-10-17T22:57:20+08:00",
				"engine":{
					"name":"openEuler CSAF Tool V1.0"
				}
			},
			"current_release_date":"2025-10-17T22:57:20+08:00",
			"id":"openEuler-SA-2025-2461",
			"version":"1.0.0",
			"status":"final"
		}
	},
	"product_tree":{
		"branches":[
			{
				"name":"openEuler",
				"category":"vendor",
				"branches":[
					{
						"name":"openEuler",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
									},
									"product_id":"openEuler-22.03-LTS-SP4",
									"name":"openEuler-22.03-LTS-SP4"
								},
								"name":"openEuler-22.03-LTS-SP4",
								"category":"product_version"
							}
						],
						"category":"product_name"
					},
					{
						"name":"src",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
									},
									"product_id":"python-django-4.2.15-9.oe2203sp4.src.rpm",
									"name":"python-django-4.2.15-9.oe2203sp4.src.rpm"
								},
								"name":"python-django-4.2.15-9.oe2203sp4.src.rpm",
								"category":"product_version"
							}
						],
						"category":"architecture"
					},
					{
						"name":"noarch",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
									},
									"product_id":"python-django-help-4.2.15-9.oe2203sp4.noarch.rpm",
									"name":"python-django-help-4.2.15-9.oe2203sp4.noarch.rpm"
								},
								"name":"python-django-help-4.2.15-9.oe2203sp4.noarch.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
									},
									"product_id":"python3-Django-4.2.15-9.oe2203sp4.noarch.rpm",
									"name":"python3-Django-4.2.15-9.oe2203sp4.noarch.rpm"
								},
								"name":"python3-Django-4.2.15-9.oe2203sp4.noarch.rpm",
								"category":"product_version"
							}
						],
						"category":"architecture"
					}
				]
			}
		],
		"relationships":[
			{
				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
				"product_reference":"python-django-4.2.15-9.oe2203sp4.src.rpm",
				"full_product_name":{
					"product_id":"openEuler-22.03-LTS-SP4:python-django-4.2.15-9.oe2203sp4.src",
					"name":"python-django-4.2.15-9.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
				"product_reference":"python-django-help-4.2.15-9.oe2203sp4.noarch.rpm",
				"full_product_name":{
					"product_id":"openEuler-22.03-LTS-SP4:python-django-help-4.2.15-9.oe2203sp4.noarch",
					"name":"python-django-help-4.2.15-9.oe2203sp4.noarch as a component of openEuler-22.03-LTS-SP4"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
				"product_reference":"python3-Django-4.2.15-9.oe2203sp4.noarch.rpm",
				"full_product_name":{
					"product_id":"openEuler-22.03-LTS-SP4:python3-Django-4.2.15-9.oe2203sp4.noarch",
					"name":"python3-Django-4.2.15-9.oe2203sp4.noarch as a component of openEuler-22.03-LTS-SP4"
				},
				"category":"default_component_of"
			}
		]
	},
	"vulnerabilities":[
		{
			"cve":"CVE-2025-59681",
			"notes":[
				{
					"text":"An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to these methods on MySQL and MariaDB.",
					"category":"description",
					"title":"Vulnerability Description"
				}
			],
			"product_status":{
				"fixed":[
					"openEuler-22.03-LTS-SP4:python-django-4.2.15-9.oe2203sp4.src",
					"openEuler-22.03-LTS-SP4:python-django-help-4.2.15-9.oe2203sp4.noarch",
					"openEuler-22.03-LTS-SP4:python3-Django-4.2.15-9.oe2203sp4.noarch"
				]
			},
			"remediations":[
				{
					"product_ids":[
						"openEuler-22.03-LTS-SP4:python-django-4.2.15-9.oe2203sp4.src",
						"openEuler-22.03-LTS-SP4:python-django-help-4.2.15-9.oe2203sp4.noarch",
						"openEuler-22.03-LTS-SP4:python3-Django-4.2.15-9.oe2203sp4.noarch"
					],
					"details":"python-django security update",
					"category":"vendor_fix",
					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2461"
				}
			],
			"scores":[
				{
					"cvss_v3":{
						"baseSeverity":"CRITICAL",
						"baseScore":9.8,
						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
						"version":"3.1"
					},
					"products":[
						"openEuler-22.03-LTS-SP4:python-django-4.2.15-9.oe2203sp4.src",
						"openEuler-22.03-LTS-SP4:python-django-help-4.2.15-9.oe2203sp4.noarch",
						"openEuler-22.03-LTS-SP4:python3-Django-4.2.15-9.oe2203sp4.noarch"
					]
				}
			],
			"threats":[
				{
					"details":"Critical",
					"category":"impact"
				}
			],
			"title":"CVE-2025-59681"
		},
		{
			"cve":"CVE-2025-59682",
			"notes":[
				{
					"text":"A vulnerability, reported upstream as critical, was found in Django up to 4.2.24/5.1.12/5.2.6. The weakness is classified as CWE-22 (path traversal): the product uses external input to construct a pathname that is intended to identify a file or directory located underneath a restricted parent directory, but does not properly neutralize special elements within the pathname, so the pathname can resolve to a location outside of the restricted directory. The generic CWE-22 description lists confidentiality, integrity, and availability as potentially impacted; however, the CVSS v3.1 vector recorded for this CVE in this advisory (AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N, base score 3.1, Low) rates only a low integrity impact, and the Critical aggregate severity of this update derives from CVE-2025-59681. Upgrading to version 4.2.25, 5.1.13 or 5.2.7 eliminates this vulnerability.",
					"category":"description",
					"title":"Vulnerability Description"
				}
			],
			"product_status":{
				"fixed":[
					"openEuler-22.03-LTS-SP4:python-django-4.2.15-9.oe2203sp4.src",
					"openEuler-22.03-LTS-SP4:python-django-help-4.2.15-9.oe2203sp4.noarch",
					"openEuler-22.03-LTS-SP4:python3-Django-4.2.15-9.oe2203sp4.noarch"
				]
			},
			"remediations":[
				{
					"product_ids":[
						"openEuler-22.03-LTS-SP4:python-django-4.2.15-9.oe2203sp4.src",
						"openEuler-22.03-LTS-SP4:python-django-help-4.2.15-9.oe2203sp4.noarch",
						"openEuler-22.03-LTS-SP4:python3-Django-4.2.15-9.oe2203sp4.noarch"
					],
					"details":"python-django security update",
					"category":"vendor_fix",
					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2461"
				}
			],
			"scores":[
				{
					"cvss_v3":{
						"baseSeverity":"LOW",
						"baseScore":3.1,
						"vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
						"version":"3.1"
					},
					"products":[
						"openEuler-22.03-LTS-SP4:python-django-4.2.15-9.oe2203sp4.src",
						"openEuler-22.03-LTS-SP4:python-django-help-4.2.15-9.oe2203sp4.noarch",
						"openEuler-22.03-LTS-SP4:python3-Django-4.2.15-9.oe2203sp4.noarch"
					]
				}
			],
			"threats":[
				{
					"details":"Low",
					"category":"impact"
				}
			],
			"title":"CVE-2025-59682"
		}
	]
}