The vulnerability in the implementation of the FILE_UPLOAD_DIRECTORY_PERMISSIONS mode of the Django software platform allows a perpetrator to disclose protected information.

Django FILE_UPLOAD_DIRECTORY_PERMISSIONS flaw lets disclosure of protected data via access rights.

Reporter	Title	Published	Views	Family All 110
FreeBSD	Django -- multiple vulnerabilities	1 Sep 202000:00	–	freebsd
ALT Linux	Security fix for the ALT Linux 9 package python3-module-django version 2.2.17-alt1	11 Dec 202000:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package python3-module-django version 2.2.17-alt1	11 Dec 202000:00	–	altlinux
AlpineLinux	CVE-2020-24583	1 Sep 202012:33	–	alpinelinux
ArchLinux	[ASA-202009-4] python-django: multiple issues	3 Sep 202000:00	–	archlinux
AstraLinux	Astra Linux – Vulnerability in Python-Django	3 May 202623:59	–	astralinux
BDU FSTEC	The vulnerability of the Django web application software lies in improper default access control settings, which allow attackers to disclose protected information.	23 Feb 202100:00	–	bdu_fstec
CNVD	Django Privilege Permission and Access Control Issues Vulnerability	2 Sep 202000:00	–	cnvd
CVE	CVE-2020-24583	1 Sep 202012:33	–	cve
Cvelist	CVE-2020-24583	1 Sep 202012:33	–	cvelist

Vulners

Node

django djangoRange2.2–2.2.16

django djangoRange3.0–3.0.10

django djangoRange3.1–3.1.1

Source	Link
oracle	www.oracle.com/security-alerts/cpujan2021.html
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-24583
usn	www.usn.ubuntu.com/4479-1/
xn--80ahaefyxhn	www.xn--80ahaefyxhn.xn--j1afgaq.xn--p1ai/bin/view/%D0%9E%D0%A1%D0%BD%D0%BE%D0%B2%D0%B0/%D0%9E%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F/2.5/
wiki	www.wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1221SE17MD
wiki	www.wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0131SE47MD
wiki	www.wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16
web	www.web.nvd.nist.gov/view/vuln/detail

07 Nov 2024 00:00Current

7.1High risk

Vulners AI Score7.1

CVSS 37.5

CVSS 27.8

EPSS0.03969