1 min read News

Developers have published corrective releases of Django framework 4.0.6 and 3.2.14, which fixed vulnerability CVE-2022-34265.

Developers have published corrective releases of Django framework 4.0.6 and 3.2.14, which fixed vulnerability CVE-2022-34265.
Photo by Fotis Fotopoulos / Unsplash

It potentially allowed you to perform substitution of your SQL code.

The potential SQL Injection vulnerability existed in the main Django branch, as well as in versions 4.1 (currently in beta), 4.0, and 3.2. The problem affected applications using unverified external data in the kind and lookupname parameters passed to the Trunc(kind) and Extract(lookupname) functions.

In Release 4.1, the developers will further harden the security of the extract and truncate date methods. However, the changes in the API will break compatibility with third-party database backends.

You might also like...

Oct
03
Competitor to OpenAI o1: Google Developing a New AI Model That Thinks Like a Human

Competitor to OpenAI o1: Google Developing a New AI Model That Thinks Like a Human

Google is actively working on a new artificial intelligence model that has the potential to mimic human thinking. This information
2 min read
Oct
01
A Historic First: Charlotte Hanneman Becomes the First Female Top Executive in Philips' 133-Year History

A Historic First: Charlotte Hanneman Becomes the First Female Top Executive in Philips' 133-Year History

In a groundbreaking development for one of the world’s leading health technology companies, Philips, a woman has been appointed
2 min read
Sep
26
MSI Unveils New Devices Inspired by S.T.A.L.K.E.R. 2: Heart of Chornobyl - A Deep Dive into the Collaboration with GSC Game World

MSI Unveils New Devices Inspired by S.T.A.L.K.E.R. 2: Heart of Chornobyl - A Deep Dive into the Collaboration with GSC Game World

MSI, a renowned name in the gaming accessories industry, has recently unveiled an exciting teaser for a new line of
4 min read
Sep
24
Scientists Create Innovative Technology That Boosts Computer Efficiency by 100 Times: A Revolution in Data Processing

Scientists Create Innovative Technology That Boosts Computer Efficiency by 100 Times: A Revolution in Data Processing

In today's fast-paced world, where data processing speed is critical for various industries, Finnish company Flow Computing has unveiled a
3 min read
Sep
17
Amazon Employees Required to Return to Offices Starting January 2025: Key Exceptions and Impact on Workforce Productivity

Amazon Employees Required to Return to Offices Starting January 2025: Key Exceptions and Impact on Workforce Productivity

Amazon has announced a significant change in its work policy, requiring employees to return to the office for five days
5 min read
GrowthNowGeek © 2024