VDB

BIT-django-2025-64459

BIT-django-2025-64459 PUBLISHED CVSS 9.100000381469727 CRITICAL

Potential SQL injection via _connector keyword argument in QuerySet and Q objects

Risk Scores

CVSS v3.1
9.100000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products

VendorProductVersions
AWSconnect
Bitnamidjango4.2.0, 5.1.0, 5.2.0

Timeline

  • Nov 11, 2025 CVE Published
  • Apr 21, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›