An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to these methods (on MySQL and MariaDB).
Advisories
Source ID Title
Debian DLA Debian DLA DLA-4324-1 python-django security update
EUVD EUVD EUVD-2025-32048 Django vulnerable to SQL injection in column aliases
Github GHSA Github GHSA GHSA-hpr9-3m2g-3j9p Django vulnerable to SQL injection in column aliases
Ubuntu USN Ubuntu USN USN-7794-1 Django vulnerabilities
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 07 Oct 2025 15:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*

Fri, 03 Oct 2025 00:15:00 +0000

Type Values Removed Values Added
Title django: Potential SQL injection in QuerySet.annotate(), alias(), aggregate(), and extra() on MySQL and MariaDB1
References
Metrics threat_severity

None

threat_severity

Important


Thu, 02 Oct 2025 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Djangoproject
Djangoproject django
Vendors & Products Djangoproject
Djangoproject django

Wed, 01 Oct 2025 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 01 Oct 2025 19:00:00 +0000

Type Values Removed Values Added
Description An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to these methods (on MySQL and MariaDB).
Weaknesses CWE-89
References
Metrics cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-10-01T19:12:14.952Z

Reserved: 2025-09-18T00:00:00.000Z

Link: CVE-2025-59681

cve-icon Vulnrichment

Updated: 2025-10-01T19:12:07.902Z

cve-icon NVD

Status : Analyzed

Published: 2025-10-01T19:15:36.487

Modified: 2025-10-07T14:50:04.887

Link: CVE-2025-59681

cve-icon Redhat

Severity : Important

Publid Date: 2025-10-01T00:00:00Z

Links: CVE-2025-59681 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2025-10-02T08:45:52Z