Security Fix(es):
Potential directory-traversal via archive.extract() (CVE-2021-3281)
potential directory-traversal via uploaded files (CVE-2021-28658)
Potential directory-traversal via uploaded files (CVE-2021-31542)
Potential directory traversal via admindocs
(CVE-2021-33203)
Possible indeterminate SSRF RFI and LFI attacks since validators accepted
leading zeros in IPv4 addresses (CVE-2021-33571)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 8 | noarch | python3-django20 | < 2.0.13-16.el8ost.1 | python3-django20-2.0.13-16.el8ost.1.noarch.rpm |
RedHat | 8 | noarch | python-django20-bash-completion | < 2.0.13-16.el8ost.1 | python-django20-bash-completion-2.0.13-16.el8ost.1.noarch.rpm |