CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-57833

An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed QuerySet.annotate() or QuerySet.alias().

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.1%

CVSS Severity

CVSS v3 Score 7.1

References

Products affected by CVE-2025-57833

Djangoproject » Django » Version: 4.2

cpe:2.3:a:djangoproject:django:4.2
Djangoproject » Django » Version: 4.2.0

cpe:2.3:a:djangoproject:django:4.2.0
Djangoproject » Django » Version: 4.2.1

cpe:2.3:a:djangoproject:django:4.2.1
Djangoproject » Django » Version: 4.2.10

cpe:2.3:a:djangoproject:django:4.2.10
Djangoproject » Django » Version: 4.2.11

cpe:2.3:a:djangoproject:django:4.2.11
Djangoproject » Django » Version: 4.2.12

cpe:2.3:a:djangoproject:django:4.2.12
Djangoproject » Django » Version: 4.2.13

cpe:2.3:a:djangoproject:django:4.2.13
Djangoproject » Django » Version: 4.2.14

cpe:2.3:a:djangoproject:django:4.2.14
Djangoproject » Django » Version: 4.2.15

cpe:2.3:a:djangoproject:django:4.2.15
Djangoproject » Django » Version: 4.2.16

cpe:2.3:a:djangoproject:django:4.2.16
Djangoproject » Django » Version: 4.2.17

cpe:2.3:a:djangoproject:django:4.2.17
Djangoproject » Django » Version: 4.2.18

cpe:2.3:a:djangoproject:django:4.2.18
Djangoproject » Django » Version: 4.2.19

cpe:2.3:a:djangoproject:django:4.2.19
Djangoproject » Django » Version: 4.2.2

cpe:2.3:a:djangoproject:django:4.2.2
Djangoproject » Django » Version: 4.2.20

cpe:2.3:a:djangoproject:django:4.2.20
Djangoproject » Django » Version: 4.2.21

cpe:2.3:a:djangoproject:django:4.2.21
Djangoproject » Django » Version: 4.2.22

cpe:2.3:a:djangoproject:django:4.2.22
Djangoproject » Django » Version: 4.2.23

cpe:2.3:a:djangoproject:django:4.2.23
Djangoproject » Django » Version: 4.2.3

cpe:2.3:a:djangoproject:django:4.2.3
Djangoproject » Django » Version: 4.2.4

cpe:2.3:a:djangoproject:django:4.2.4
Djangoproject » Django » Version: 4.2.5

cpe:2.3:a:djangoproject:django:4.2.5
Djangoproject » Django » Version: 4.2.6

cpe:2.3:a:djangoproject:django:4.2.6
Djangoproject » Django » Version: 4.2.7

cpe:2.3:a:djangoproject:django:4.2.7
Djangoproject » Django » Version: 4.2.8

cpe:2.3:a:djangoproject:django:4.2.8
Djangoproject » Django » Version: 4.2.9

cpe:2.3:a:djangoproject:django:4.2.9
Djangoproject » Django » Version: 5.1

cpe:2.3:a:djangoproject:django:5.1
Djangoproject » Django » Version: 5.1.1

cpe:2.3:a:djangoproject:django:5.1.1
Djangoproject » Django » Version: 5.1.10

cpe:2.3:a:djangoproject:django:5.1.10
Djangoproject » Django » Version: 5.1.11

cpe:2.3:a:djangoproject:django:5.1.11
Djangoproject » Django » Version: 5.1.2

cpe:2.3:a:djangoproject:django:5.1.2
Djangoproject » Django » Version: 5.1.3

cpe:2.3:a:djangoproject:django:5.1.3
Djangoproject » Django » Version: 5.1.4

cpe:2.3:a:djangoproject:django:5.1.4
Djangoproject » Django » Version: 5.1.5

cpe:2.3:a:djangoproject:django:5.1.5
Djangoproject » Django » Version: 5.1.6

cpe:2.3:a:djangoproject:django:5.1.6
Djangoproject » Django » Version: 5.1.7

cpe:2.3:a:djangoproject:django:5.1.7
Djangoproject » Django » Version: 5.1.8

cpe:2.3:a:djangoproject:django:5.1.8
Djangoproject » Django » Version: 5.1.9

cpe:2.3:a:djangoproject:django:5.1.9
Djangoproject » Django » Version: 5.2

cpe:2.3:a:djangoproject:django:5.2
Djangoproject » Django » Version: 5.2.1

cpe:2.3:a:djangoproject:django:5.2.1
Djangoproject » Django » Version: 5.2.2

cpe:2.3:a:djangoproject:django:5.2.2
Djangoproject » Django » Version: 5.2.3

cpe:2.3:a:djangoproject:django:5.2.3
Djangoproject » Django » Version: 5.2.4

cpe:2.3:a:djangoproject:django:5.2.4
Djangoproject » Django » Version: 5.2.5

cpe:2.3:a:djangoproject:django:5.2.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-57833

Products

Pricing

Contact Us