Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2022/09/15 12:0 a.m.45 views

RHEL 8 : Red Hat OpenStack Platform 16.2 (python-django20) (RHSA-2021:3490)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3490 advisory. Security Fixes: Potential directory-traversal via archive.extract CVE-2021-3281 Potential directory traversal via admindocs CVE-2021-33203...

7.5CVSS6.7AI score0.07605EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2021/12/11 12:0 a.m.47 views

RHEL 8 : Red Hat OpenStack Platform 16.1 (python-django20) (RHSA-2021:5070)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5070 advisory. Security Fixes: Potential directory-traversal via archive.extract CVE-2021-3281 potential directory-traversal via uploaded files...

7.5CVSS6.7AI score0.07605EPSS
Exploits1References13
RedHat Linux
RedHat Linux
added 2021/09/15 1:41 p.m.45 views

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-django20) security update

An update for python-django20 is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.6AI score0.07605EPSS
Exploits1References5
GithubExploit
GithubExploit
added 2021/07/05 8:25 a.m.627 views

Exploit for Path Traversal in Djangoproject Django

CVE-2021-3281 There is a Directory Traversal vulnerability in...

5.3CVSS5.7AI score0.07605EPSS
Exploits1
ALT Linux
ALT Linux
added 2021/04/12 12:0 a.m.105 views

Security fix for the ALT Linux 9 package python3-module-django version 2.2.19-alt1

2.2.19-alt1 built April 12, 2021 Alexey Shabalin in task 266900 Feb. 24, 2021 Alexey Shabalin - 2.2.19 - rename package to python3-module-django back - Fixes for the following security vulnerabilities: + CVE-2021-3281 Potential directory-traversal via archive.extract + CVE-2021-23336 Web cache...

5CVSS7.1AI score0.35963EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2021/03/18 8:29 p.m.3 views

aether-sdk (>=1.3.4 <=1.3.8), apis-bibsonomy (>=0.2.0 <=0.3.0) +225 more potentially affected by CVE-2021-3281 via django (>=3.1.0 <=3.1.5)

django PYPI version =3.1.0, =1.3.4, =0.2.0, =0.16.12, =0.8.8, =0.5.0, =0.1.0, =1.0.0b3, =0.0.1, =2.11.0, =0.0.32, =0.0.38, =0.0.39 and more Source cves: CVE-2021-3281 Source advisory: OSV:GHSA-FVGF-6H6H-3322...

5.3CVSS6.6AI score0.07605EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2021/03/09 4:10 p.m.86 views

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 1.2.2 security and bug fix update

An update is now available for Red Hat Ansible Automation Platform 1.2.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS6.7AI score0.07605EPSS
Exploits3References5
ALT Linux
ALT Linux
added 2021/02/24 12:0 a.m.186 views

Security fix for the ALT Linux 10 package python3-module-django version 2.2.19-alt1

Feb. 24, 2021 Alexey Shabalin 2.2.19-alt1 - 2.2.19 - rename package to python3-module-django back - Fixes for the following security vulnerabilities: + CVE-2021-3281 Potential directory-traversal via archive.extract + CVE-2021-23336 Web cache poisoning via django.utils.http.limitedparseqsl...

5CVSS7.1AI score0.35963EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2021/02/16 12:0 a.m.32 views

Fedora 33 : python-django (2021-5329c680f7)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-5329c680f7 advisory. - In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by startapp --template and...

5.3CVSS6.7AI score0.07605EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/02/14 12:0 a.m.43 views

Fedora: Security Advisory for python-django (FEDORA-2021-5329c680f7)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.3CVSS5.8AI score0.07605EPSS
Exploits1References2
ArchLinux
ArchLinux
added 2021/02/07 12:0 a.m.149 views

[ASA-202102-18] python-django: directory traversal

Arch Linux Security Advisory ASA-202102-18 ========================================== Severity: Low Date : 2021-02-07 CVE-ID : CVE-2021-3281 Package : python-django Type : directory traversal Remote : No Link : https://security.archlinux.org/AVG-1518 Summary ======= The package python-django befo...

5.3CVSS1AI score0.07605EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2021/02/02 7:15 a.m.5 views

atila-vue (>=0.1.3 <=0.1.3.5), contrail (>=0.3.0 <=1.0.2) +28 more potentially affected by CVE-2021-3281 via django (>=3.0.0 <=3.0.11)

django PYPI version =3.0.0, =0.1.3, =0.3.0, =0.1.1, =0.0.1, =0.0.1, =0.2.1, =0.8.0, =0.7.0, =0.10.0, =0.5.0, =0.6.4 and more Source cves: CVE-2021-3281 Source advisory: OSV:PYSEC-2021-9...

5.3CVSS6.7AI score0.07605EPSS
Exploits1
CVE
CVE
added 2021/02/02 6:16 a.m.225 views

CVE-2021-3281

CVE-2021-3281 affects Django: the django.utils.archive.extract function (used by startapp --template and startproject --template) allows directory traversal via archives containing absolute paths or dot-segment relative paths. Affected releases include Django 2.2 before 2.2.18, 3.0 before 3.0.12,...

5.3CVSS5.4AI score0.07605EPSS
Exploits1References5Affected Software1
AlpineLinux
AlpineLinux
added 2021/02/02 6:16 a.m.52 views

CVE-2021-3281

In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows directory traversal via an archive with absolute paths or relative paths with dot segments...

5.3CVSS5.8AI score0.07605EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/02/02 12:0 a.m.22 views

Debian: Security Advisory (DLA-2540-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.07605EPSS
Exploits1References3
Debian
Debian
added 2021/02/01 6:37 p.m.72 views

[SECURITY] [DLA 2540-1] python-django security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2540-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb February 01, 2021 https://wiki.debian.org/LTS -...

5.3CVSS5.5AI score0.07605EPSS
Exploits1
Rows per page
Query Builder