CVE-2025-48432

An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are viewed in terminals or processed by external systems.

CVSS v3 4.0 MEDIUM

4.0^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://docs.djangoproject.com/en/dev/releases/security/	Vendor Advisory
https://groups.google.com/g/django-announce	Vendor Advisory
https://www.djangoproject.com/weblog/2025/jun/04/security-releases/	Vendor Advisory
https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/	Release Notes
http://www.openwall.com/lists/oss-security/2025/06/04/5	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2025/06/10/2	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2025/06/10/3	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2025/06/10/4	Mailing List

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:djangoproject:django::::::::
	cpe:2.3:a:djangoproject:django::::::::
	cpe:2.3:a:djangoproject:django::::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-06-05 03:15

Updated : 2025-10-15 17:47

NVD link : CVE-2025-48432

Mitre link : CVE-2025-48432

CVE.ORG link : CVE-2025-48432

JSON object : View

Products Affected

djangoproject

django

debian

debian_linux

CWE

CWE-117

Improper Output Neutralization for Logs

{"id": "CVE-2025-48432", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.0, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2025-06-05T03:15:25.563", "references": [{"url": "https://docs.djangoproject.com/en/dev/releases/security/", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://groups.google.com/g/django-announce", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.djangoproject.com/weblog/2025/jun/04/security-releases/", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/", "tags": ["Release Notes"], "source": "[email protected]"}, {"url": "http://www.openwall.com/lists/oss-security/2025/06/04/5", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2025/06/10/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2025/06/10/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2025/06/10/4", "tags": ["Mailing List"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-117"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are viewed in terminals or processed by external systems."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Django 5.2 (anterior a la 5.2.2), 5.1 (anterior a la 5.1.10) y 4.2 (anterior a la 4.2.22). El registro interno de respuestas HTTP no escapa a request.path, lo que permite a atacantes remotos manipular la salida del registro mediante URL manipuladas. Esto puede provocar la inyecci\u00f3n o falsificaci\u00f3n de registros cuando estos se visualizan en terminales o son procesados por sistemas externos."}], "lastModified": "2025-10-15T17:47:56.647", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CD30280-19CF-4E2E-88D1-AEFE9915048B", "versionEndExcluding": "4.2.23", "versionStartIncluding": "4.2"}, {"criteria": "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1627628C-0E8F-47E7-B082-D6F36C5A4C30", "versionEndExcluding": "5.1.11", "versionStartIncluding": "5.1"}, {"criteria": "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F42CCC03-C3E9-4EBB-9C93-D30C780DEE2A", "versionEndExcluding": "5.2.3", "versionStartIncluding": "5.2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}