CVE-2022-34265 log

Severity High
Remote Yes
Type Sql injection
Trunc() and Extract() database functions were subject to SQL injection if untrusted data was used as a kind/lookup_name value
Group Package Affected Fixed Severity Status Ticket
AVG-2788 python-django 4.0.5-1 4.0.6-1 High Fixed
Applications that constrain the lookup name and kind choice to a known safe list are unaffected