Page 5 of 24 results (0.012 seconds)

CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0

Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories. Django versiones anteriores a 2.2.24, versiones 3.x anteriores a 3.1.12 y versiones 3.2.x anteriores a 3.2.4, presenta un potencial salto de directorio por medio de django.contrib.admindocs. • https://docs.djangoproject.com/en/3.2/releases/security https://groups.google.com/forum/#%21forum/django-announce https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV https://security.netapp.com/advisory/ntap-20210727-0004 https://www.djangoproject.com/weblog/2021/jun/02/security-releases https://access.redhat.com/security/cve/CVE-2021-33203 https://bugzilla.redhat.com/show_bug.cgi?id=1966251 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4_address and validate_ipv46_address are unaffected with Python 3.9.5+..) . En Django versiones 2.2 anteriores a 2.2.24, versiones 3.x anteriores a 3.1.12 y versiones 3.2 anteriores a 3.2.4, las funciones URLValidator, validate_ipv4_address y validate_ipv46_address no prohíben los caracteres cero a la izquierda en los literales octales. Esto puede permitir una omisión del control de acceso basado en las direcciones IP. • https://docs.djangoproject.com/en/3.2/releases/security https://github.com/django/django/commit/203d4ab9ebcd72fc4d6eb7398e66ed9e474e118e https://github.com/django/django/commit/9f75e2e562fa0c0482f3dde6fc7399a9070b4a3d https://github.com/django/django/commit/f27c38ab5d90f68c9dd60cabef248a570c0be8fc https://groups.google.com/g/django-announce/c/sPyjSKMi8Eo https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV https://security.netapp.com/advisory/ntap-20210727-0004 https:/ • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffected because HttpResponse prohibits newlines in HTTP headers. En Django 2.2 versiones anteriores a 2.2.22, 3.1 versiones anteriores a 3.1.10 y 3.2 versiones anteriores a 3.2.2 (con Python 3.9.5+), URLValidator no prohíbe nuevas líneas y pestañas (a menos que sea usado el campo URLField form). Si una aplicación usa valores con nuevas líneas en una respuesta HTTP, puede ocurrir una inyección de encabezado. • http://www.openwall.com/lists/oss-security/2021/05/06/1 https://docs.djangoproject.com/en/3.2/releases/security https://groups.google.com/forum/#%21forum/django-announce https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE https://security.netapp.com/advisory/ntap-20210611-0002 https://www.djangoproject.com/weblog/2021/may/06/security-releases • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names. En Django versiones 2.2 anteriores a 2.2.21, versiones 3.1 anteriores a 3.1.9 y versiones 3.2 anteriores a 3.2.1, MultiPartParser, UploadedFile y FieldFile, permitían un salto de directorio por medio de archivos cargados con nombres de archivo cuidadosamente diseñados A flaw was found in Django. `MultiPartParser`, `UploadedFile`, and `FieldFile` allowed directory-traversal via uploaded files with suitably crafted file names. The highest threat from this vulnerability is to data confidentiality. • http://www.openwall.com/lists/oss-security/2021/05/04/3 https://docs.djangoproject.com/en/3.2/releases/security https://github.com/django/django/commit/04ac1624bdc2fa737188401757cf95ced122d26d https://github.com/django/django/commit/25d84d64122c15050a0ee739e859f22ddab5ac48 https://github.com/django/django/commit/c98f446c188596d4ba6de71d1b77b4a6c5c2a007 https://groups.google.com/forum/#%21forum/django-announce https://lists.debian.org/debian-lts-announce/2021/05/msg00005.html https://lists.fedoraproject.org/archives/ • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •