Vulnerability in the Django web framework that can lead to SQL injection

Corrective releases of the Django web framework, 4.0.6 and 3.2.14, have been published. They fix a vulnerability (CVE-2022-34265) that potentially allows an attacker to inject their own SQL code. The problem affects applications that pass unverified external data in the kind and lookup_name parameters to the Trunc(kind) and Extract(lookup_name) functions. Applications that allow only verified data in the lookup_name and kind values are not affected by the vulnerability.
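One way an application can keep only verified data in these two parameters, shown as an added example that is not code from Django or from the original report. The request parameter names "bucket" and "part" and the field name "created" are assumptions made for illustration.

```python
"""Added example: allowlist the Trunc(kind) / Extract(lookup_name) inputs."""

# Values documented by Django for date/time truncation and extraction.
TRUNC_KINDS = frozenset(
    {"year", "quarter", "month", "week", "day", "hour", "minute", "second"}
)
EXTRACT_LOOKUPS = frozenset(
    {"year", "iso_year", "quarter", "month", "day", "week", "week_day",
     "iso_week_day", "hour", "minute", "second"}
)


class RejectedParameter(ValueError):
    """Raised when a request value is not on the allowlist."""


def checked(name, value, allowed):
    # Exact match only: no stripping, case folding or partial matching,
    # so nothing other than a known keyword can reach the ORM.
    if not isinstance(value, str) or value not in allowed:
        raise RejectedParameter(f"{name}: value {value!r} is not allowed")
    return value


def parse_report_params(query):
    """Validate the hypothetical 'bucket' and 'part' request parameters."""
    kind = checked("bucket", query.get("bucket", "day"), TRUNC_KINDS)
    lookup_name = checked("part", query.get("part", "year"), EXTRACT_LOOKUPS)
    return kind, lookup_name


def build_annotations(query, field="created"):
    """Return annotate() kwargs; 'created' is an assumed DateTimeField name."""
    kind, lookup_name = parse_report_params(query)
    # Imported here so the validation above can be tested without Django.
    from django.db.models.functions import Extract, Trunc
    return {"bucket": Trunc(field, kind), "part": Extract(field, lookup_name)}


# Constructed sample inputs, not taken from real traffic.
SAMPLES = [
    {"bucket": "month", "part": "week_day"},       # accepted
    {"bucket": "day' OR 1=1 --", "part": "year"},  # rejected: not a keyword
    {"bucket": ["month"], "part": "year"},         # rejected: not a string
]
```

Rejecting the request with a 400 response when RejectedParameter is raised keeps the unverified value from ever reaching the query builder, regardless of the installed Django version.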

The problem is blocked by
