Lucene search
GoogleOSV:PYSEC-2021-7HistoryMay 05, 2021 - 3:15 p.m.
PYSEC-2021-7
2021-05-0515:15:00
Google
osv.dev
23
0.002 Low
EPSS
Percentile
59.7%
In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.
References
www.openwall.com/lists/oss-security/2021/05/04/3
docs.djangoproject.com/en/3.2/releases/security/
github.com/advisories/GHSA-rxjp-mfm9-w4wr
groups.google.com/forum/#!forum/django-announce
lists.debian.org/debian-lts-announce/2021/05/msg00005.html
lists.fedoraproject.org/archives/list/[email protected]/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE/
www.djangoproject.com/weblog/2021/may/04/security-releases/
Related
cve
cve
CVE-2021-31542
2021-05-05 15:15:08
freebsd
freebsd
Django -- multiple vulnerabilities
2021-04-22 00:00:00
nessus
nessus
FreeBSD : Django -- multiple vulnerabilities (1766359c-ad6e-11eb-b2a4-080027e50e6d)
2021-05-07 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : Django vulnerability (USN-4932-1)
2021-05-04 00:00:00
Ubuntu 16.04 ESM : Django vulnerability (USN-4932-2)
2021-05-13 00:00:00
ubuntucve
ubuntucve
CVE-2021-31542
2021-05-04 00:00:00
osv
osv
Path Traversal in Django
2021-06-04 21:15:56
python-django - security update
2021-05-06 00:00:00
BIT-django-2021-31542
2024-03-06 10:55:14
redhatcve
redhatcve
CVE-2021-31542
2021-05-04 11:20:01
openvas
openvas
Django 2.2 < 2.2.21, 3.1 < 3.1.9, 3.2 < 3.2.1 Directory Traversal Vulnerability - Linux
2021-05-07 00:00:00
Django 2.2 < 2.2.21, 3.1 < 3.1.9, 3.2 < 3.2.1 Directory Traversal Vulnerability - Windows
2021-05-07 00:00:00
Debian: Security Advisory (DLA-2651-1)
2021-05-07 00:00:00
veracode
veracode
Directory Traversal
2021-05-05 03:23:07
debian
debian
[SECURITY] [DLA 2651-1] python-django security update
2021-05-06 09:26:03
[SECURITY] [DLA 3744-1] python-django security update
2024-02-29 19:11:46
ubuntu
ubuntu
Django vulnerability
2021-05-04 00:00:00
Django vulnerability
2021-05-13 00:00:00
cvelist
cvelist
CVE-2021-31542
2021-05-05 00:00:00
prion
prion
Directory traversal
2021-05-05 15:15:00
nvd
nvd
CVE-2021-31542
2021-05-05 15:15:08
github
github
Path Traversal in Django
2021-06-04 21:15:56
debiancve
debiancve
CVE-2021-31542
2021-05-05 15:15:08
fedora
fedora
[SECURITY] Fedora 34 Update: python-django-3.1.9-1.fc34
2021-05-12 05:45:05
[SECURITY] Fedora 35 Update: python-django-3.2.12-1.fc35
2022-02-11 01:23:09
altlinux
altlinux
redhat
redhat
(RHSA-2021:5070) Moderate: Red Hat OpenStack Platform 16.1 (python-django20) security update
2021-12-09 19:50:28
(RHSA-2021:4702) Moderate: Satellite 6.10 Release
2021-11-16 13:58:57
mageia
mageia
Updated python-django package fixes security vulnerabilities
2021-07-16 11:25:31
oraclelinux
oraclelinux
ol-automation-manager security update
2022-04-27 00:00:00