summaryrefslogtreecommitdiff
path: root/django/db/backends/postgresql/operations.py
diff options
context:
space:
mode:
authorMariusz Felisiak <felisiak.mariusz@gmail.com>2022-04-01 08:10:22 +0200
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2022-04-11 08:59:33 +0200
commit93cae5cb2f9a4ef1514cf1a41f714fef08005200 (patch)
treee5ea1e69aa37a0ce632480095229fe5afaa47b2f /django/db/backends/postgresql/operations.py
parent62739b6e2630e37faa68a86a59fad135cc788cd7 (diff)
downloaddjango-93cae5cb2f9a4ef1514cf1a41f714fef08005200.tar.gz
Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and extra() against SQL injection in column aliases.
Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore, Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev (DDV_UA) for the report.
Diffstat (limited to 'django/db/backends/postgresql/operations.py')
0 files changed, 0 insertions, 0 deletions
View Lorry Controller Status