2 matches found
PT-2021-4594 · Django +4 · Django +4
Name of the Vulnerable Software and Affected Versions: Django versions 2.2 before 2.2.20 Django versions 3.0 before 3.0.14 Django versions 3.1 before 3.1.8 Description: The issue is related to the MultiPartParser component in Django, which has a directory path restriction flaw. This flaw can be...
GHSA-WPJR-J57X-WXFW Data leakage via cache key collision in Django
An issue was discovered in Django version 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...