Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-33571

A flaw was found in django. Leading zeros in octal literals aren't prohibited in IP addresses. If you used such values you could suffer from indeterminate SSRF, RFI, and LFI attacks. The highest threat from this vulnerability is to data integrity.

Source

Description

A flaw was found in django. Leading zeros in octal literals aren't prohibited in IP addresses. If you used such values you could suffer from indeterminate SSRF, RFI, and LFI attacks. The highest threat from this vulnerability is to data integrity.

Additional Information

Bugzilla 1966253: CVE-2021-33571 django: Possible indeterminate SSRF, RFI, and LFI attacks since validators accepted leading zeros in IPv4 addresses
CWE-918: Server-Side Request Forgery (SSRF)
FAQ: Frequently asked questions about CVE-2021-33571

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-33571

Description

Additional Information

Vulmon Search

About

Products

Connect