AVG-1091 log

Package python-django
Status Fixed
Severity Medium
Type sql injection
Affected 3.0.2-1
Fixed 3.0.3-1
Current 4.2.11-2 [extra-testing]
4.2.11-1 [extra]
Ticket None
Created Mon Feb 3 19:39:44 2020
Issue Severity Remote Type Description
CVE-2020-7471 Medium Yes Sql injection 
django.contrib.postgres.aggregates.StringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter.
Date Advisory Package Type
03 Feb 2020 ASA-202002-1 python-django sql injection