CVE-2021-35042 in Django Project and Fedora Project Products
Published on July 2, 2021
Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application.
Products Associated with CVE-2021-35042
Django Project Django and Fedora Project Fedora.
Exploit Probability
EPSS: 89.86%
Percentile: 99.56%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.