vulnerability

FreeBSD: VID-90fc859e-9fe4-11f0-9fa2-080027836e8b (CVE-2025-59681): Django -- multiple vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:S/C:C/I:P/A:N)	Oct 2, 2025	Dec 10, 2025	Dec 10, 2025

Severity

CVSS

(AV:N/AC:M/Au:S/C:C/I:P/A:N)

Published

Oct 2, 2025

Added

Dec 10, 2025

Modified

Dec 10, 2025

Description

Django reports: CVE-2025-59681: Potential SQL injection in QuerySet.annotate(), alias(), aggregate(), and extra() on MySQL and MariaDB. CVE-2025-59682: Potential partial directory-traversal via archive.extract().

Solutions

freebsd-upgrade-package-py39-django42freebsd-upgrade-package-py310-django42freebsd-upgrade-package-py311-django42freebsd-upgrade-package-py310-django51freebsd-upgrade-package-py311-django51freebsd-upgrade-package-py310-django52freebsd-upgrade-package-py311-django52

References

CVE-2025-59681
https://attackerkb.com/topics/CVE-2025-59681
CWE-89

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today