AVG-1091 log

Package python-django
Status Fixed
Severity Medium
Type sql injection
Affected 3.0.2-1
Fixed 3.0.3-1
Current 3.1.1-1 [extra]
Ticket None
Created Mon Feb 3 19:39:44 2020
Issue Severity Remote Type Description
CVE-2020-7471 Medium Yes Sql injection
django.contrib.postgres.aggregates.StringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter.
Date Advisory Package Description
03 Feb 2020 ASA-202002-1 python-django sql injection