---

CVE-2019-14234 - log back

CVE-2019-14234 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Remote
Type	+ Sql injection
Description	+ Key and index lookups for JSONField and key lookups for HStoreField were subject to SQL injection, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to QuerySet.filter().
References	+ https://github.com/django/django/commit/7deeabc7c7526786df6894429ce89a9c4b614086
Notes