MagicStack/asyncpg

Releases41

Frequency2 months 3 weeks

Last Release 6 months ago

Stars8.04K

A fast PostgreSQL Database Client Library for Python/asyncio.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-17446 ↗	Aug 12, 2020Wednesday, 12 August 2020, 16:15	9.8 CRITICAL	7.5 HIGH
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, because of access to an uninitialized pointer in the array data decoder.