{"id":8894,"date":"2025-12-03T10:03:34","date_gmt":"2025-12-03T10:03:34","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/12\/03\/multiple-django-vulnerabilities-enables-sql-injection-and-denial-of-service-attacks\/"},"modified":"2025-12-03T10:03:34","modified_gmt":"2025-12-03T10:03:34","slug":"multiple-django-vulnerabilities-enables-sql-injection-and-denial-of-service-attacks","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/12\/03\/multiple-django-vulnerabilities-enables-sql-injection-and-denial-of-service-attacks\/","title":{"rendered":"Multiple Django Vulnerabilities Enable SQL Injection and Denial-of-Service Attacks"},"content":{"rendered":"<p>Multiple Django Vulnerabilities Enable SQL Injection and Denial-of-Service Attacks<\/p>\n<div>\n<p>The Django development team has released security updates to address two vulnerabilities in the popular web framework.<\/p>\n<p>These issues range from high to moderate severity. They could allow attackers to compromise <a href=\"https:\/\/cybersecuritynews.com\/microsoft-events-vulnerability\/\" target=\"_blank\" rel=\"noreferrer noopener\">database<\/a> integrity or crash servers through resource exhaustion.<\/p>\n<p>The most critical flaw, tracked as\u00a0CVE-2025-13372, is a high-severity <a href=\"https:\/\/cybersecuritynews.com\/django-vulnerabilities-sql-injection-and-dos-attack\/\" target=\"_blank\" rel=\"noreferrer noopener\">SQL injection<\/a> vulnerability affecting projects that use PostgreSQL. The issue lies within the\u00a0FilteredRelation\u00a0class, specifically in how it handles column aliases.<\/p>\n<p>Attackers can exploit this by crafting a specific dictionary (using dictionary expansion) passed to\u00a0QuerySet.annotate()\u00a0or\u00a0QuerySet.alias(). 
If successful, this manipulation allows malicious SQL code to be injected into the database query.<\/p>\n<p>The second vulnerability,\u00a0CVE-2025-64460, is a moderate-severity issue involving the <a href=\"https:\/\/cybersecuritynews.com\/sharepoint-webpart-vulnerability\/\" target=\"_blank\" rel=\"noreferrer noopener\">XML<\/a> serializer.<\/p>\n<p>Django discovered that the method\u00a0django.core.serializers.xml_serializer.getInnerText()\u00a0suffers from algorithmic complexity issues.<\/p>\n<figure class=\"wp-block-table is-style-stripes\">\n<table class=\"has-fixed-layout\">\n<thead>\n<tr>\n<th>CVE ID<\/th>\n<th>Vulnerability Type<\/th>\n<th>Severity<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>CVE-2025-13372<\/td>\n<td>SQL Injection<\/td>\n<td>High<\/td>\n<\/tr>\n<tr>\n<td>CVE-2025-64460<\/td>\n<td>Denial of Service (DoS)<\/td>\n<td>Moderate<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n<p>When an application processes specially crafted XML input, the serializer repeatedly concatenates strings as it collects text nodes.<\/p>\n<p>This recursive concatenation can lead to \u201csuperlinear\u201d computation time, causing the server\u2019s CPU and memory usage to spike.<\/p>\n<p>A remote attacker could use this to trigger a denial-of-service (<a href=\"https:\/\/cybersecuritynews.com\/openvpn-vulnerabilities\/\" target=\"_blank\" rel=\"noreferrer noopener\">DoS<\/a>) attack, effectively crashing the service or making it unresponsive.<\/p>\n<p>Django has <a href=\"https:\/\/www.djangoproject.com\/weblog\/2025\/dec\/02\/security-releases\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">released<\/a> security updates 5.2.9, 5.1.15, and 4.2.27, and developers are strongly advised to upgrade right away.<\/p>\n<p>These vulnerabilities affect all supported versions of Django, including the main branch and the upcoming Django 6.0 (currently in release candidate status).<\/p>\n<p>Developers using the main branch or the Django 6.0 
release candidate should pull the latest commits from the official repository to ensure their projects are secure.<\/p>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/multiple-django-vulnerabilities\/\">Multiple Django Vulnerabilities Enable SQL Injection and Denial-of-Service Attacks<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p>Abinaya<br \/>\n<a href=\"https:\/\/cybersecuritynews.com\/multiple-django-vulnerabilities\/\">Go to cyber-security-news<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Multiple Django Vulnerabilities Enable SQL Injection and Denial-of-Service Attacks. The Django development team has released security updates to address two vulnerabilities in the popular web framework. These issues range from high to moderate severity. They could allow attackers to compromise database integrity or crash servers through resource exhaustion. 
The most critical flaw, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2015,129,63,648],"tags":[130],"class_list":["post-8894","post","type-post","status-publish","format-standard","hentry","category-cve-vulnerabilities","category-cyber-security","category-cyber-security-news","category-vulnerability-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/8894"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=8894"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/8894\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=8894"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=8894"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=8894"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}