AVG-2788 log

Package python-django
Status Fixed
Severity High
Type sql injection
Affected 4.0.5-1
Fixed 4.0.6-1
Current 4.1.5-1 [extra]
Ticket None
Created Thu Jul 28 20:16:07 2022
Issue Severity Remote Type Description
CVE-2022-34265 High Yes Sql injection
Trunc() and Extract() database functions were subject to SQL injection if untrusted data was used as a kind/lookup_name value
References
https://www.djangoproject.com/weblog/2022/jul/04/security-releases/