A vulnerability was found in Python-Django in the Derived classes of the django.core.files.storage.Storage base class that overrides the generate_filename() without replicating the file path validations existing in the parent class. This flaw allows potential directory traversal via certain inputs when calling save(). Built-in Storage sub-classes were not affected by this vulnerability.
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.