EUVD-2020-0048

Malware in sbrugna...

PYSEC-2020-24

asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...

adbc (=0.0.1), aerie (>=0.0.1b0 <=0.0.1b2) +30 more potentially affected by CVE-2020-17446 via asyncpg (>=0.11.0 <=0.20.1)

asyncpg PYPI version =0.11.0, =0.0.1b0, =0.1.1, =0.0.9, =0.1.0, =0.1.0, =0.12.0, =0.1.0, =3.1.0, =0.5.6, =3.0.22, =0.0.1, =2.0.0, =3.5.0 - ninjin =0.2.0 and more Source cves: CVE-2020-17446 Source advisory: OSV:PYSEC-2020-24...