An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.
{ "cpes": [ "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*" ], "severity": "Critical" }