Mariusz Felisiak 41b43c74bd Fixed CVE-2025-59681 -- Protected QuerySet.annotate(), alias(), aggregate(), and extra() against SQL injection in column aliases on MySQL/MariaDB. ...

Thanks sw0rd1ight for the report.

Follow up to 93cae5cb2f.

2025-10-01 08:11:45 -04:00

..

__init__.py

…

models.py

Fixed CVE-2024-42005 -- Mitigated QuerySet.values() SQL injection attacks against JSON fields.

2024-08-06 08:50:08 +02:00

test_queryset_values.py

Fixed CVE-2025-59681 -- Protected QuerySet.annotate(), alias(), aggregate(), and extra() against SQL injection in column aliases on MySQL/MariaDB.

2025-10-01 08:11:45 -04:00

tests.py

Fixed #27222 -- Refreshed model field values assigned expressions on save().

2025-09-14 00:27:50 +02:00