Wednesday, February 3, 2021

Ubuntu: (Multiple Advisories) (CVE-2021-3281): Django vulnerability

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From USN-4715-2:USN-4715-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM.Original advisory details:Wang Baohua discovered that Django incorrectly extracted archive files. A remote attacker could possibly use this issue to extract files outside of their expected location.
  • ubuntu-upgrade-python-django
  • ubuntu-upgrade-python3-django

  • References
  • USN-4715-1
  • USN-4715-2
  • CVE-2021-3281


    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated