Vulnerabilities > Djangoproject > Django > 2.2.27

DATE CVE VULNERABILITY TITLE RISK
2022-04-12 CVE-2022-28346 SQL Injection vulnerability in multiple products
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4.
network
low complexity
djangoproject debian CWE-89
critical
 9.8
9.8
2022-04-12 CVE-2022-28347 SQL Injection vulnerability in multiple products
A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4.
network
low complexity
djangoproject debian CWE-89
critical
 9.8
9.8