Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-3281

The django.utils.archive.extract() function, used by startapp --template and startproject --template, allowed directory-traversal via an archive with absolute paths or relative paths with dot segments.

Source

Severity Medium

Remote No

Type Directory traversal

Description

The django.utils.archive.extract() function, used by startapp --template and startproject --template, allowed directory-traversal via an archive with absolute paths or relative paths with dot segments.

AVG-1518 python-django 3.1.5-1 Medium Vulnerable

https://www.djangoproject.com/weblog/2021/feb/01/security-releases/
https://github.com/django/django/commit/02e6592835b4559909aa3aaaf67988fef435f624

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect