CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

34 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•11 views

Astra Linux - уязвимость в python-django

In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows for directory traversal through archives that contain absolute or relative paths with dot segments...

5.3CVSS6.8AI score0.41482EPSS

Exploits1References2

Tenable Nessus•added 2026/03/26 12:0 a.m.•1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-006303)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006303 advisory. An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the startapp...

6.5CVSS6AI score0.00018EPSS

Exploits0References4

RedHat Linux•added 2025/10/28 7:18 p.m.•1 views

django: Potential partial directory-traversal via archive.extract()

A flaw was found in Django. The django.utils.archive.extract function, used by startapp --templateand startproject --template, allowed partial directory-traversal via an archive with file paths sharing a common prefix with the target directory...

6.5CVSS7.1AI score0.00018EPSS

Exploits0References4

OSV•added 2025/10/23 8:40 a.m.•4 views

BIT-DJANGO-2025-59682

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common...

6.5CVSS6.9AI score0.00018EPSS

Exploits0References5

RedHat Linux•added 2025/10/22 1:21 p.m.•1 views

django: Potential partial directory-traversal via archive.extract()

6.5CVSS7.1AI score0.00018EPSS

Exploits0References4

Tenable Nessus•added 2025/10/08 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-59682

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the startapp...

6.5CVSS7.2AI score0.00018EPSS

Exploits0References2

SUSE CVE•added 2025/10/02 11:22 p.m.•1 views

SUSE CVE-2025-59682

7.5CVSS6.9AI score0.00018EPSS

Exploits0References4

RedhatCVE•added 2025/10/02 4:19 p.m.•3 views

CVE-2025-59682

8.8CVSS6.4AI score0.00018EPSS

Exploits0References3

Snyk•added 2025/10/01 9:31 p.m.•2 views

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal via the django.utils.archive.extract function used by startapp --template and startproject --template. An attacker can modify files outside the intended extraction directory by crafting an archive with file paths...

8.8CVSS6.5AI score0.00018EPSS

Exploits0References2

OSV•added 2025/10/01 9:31 p.m.•1 views

GHSA-Q95W-C7QG-HRFF Django vulnerable to partial directory traversal via archives

3.1CVSS7.1AI score0.00018EPSS

Exploits0References8

Github Security Blog•added 2025/10/01 9:31 p.m.•5 views

Django vulnerable to partial directory traversal via archives

6.5CVSS6.9AI score0.00018EPSS

Exploits0References8Affected Software1

OSV•added 2025/10/01 7:15 p.m.•2 views

CVE-2025-59682

6.5CVSS6.9AI score

Exploits0References4

NVD•added 2025/10/01 7:15 p.m.•3 views

CVE-2025-59682

6.5CVSS0.00018EPSS

Exploits0References4

OSV•added 2025/10/01 2:0 p.m.•2 views

UBUNTU-CVE-2025-59682

6.5CVSS7.1AI score0.00018EPSS

Exploits0References3

Positive Technologies•added 2025/10/01 12:0 a.m.•4 views

PT-2025-40291

Name of the Vulnerable Software and Affected Versions Django versions 4.2 through 4.2.24 Django versions 5.1 through 5.1.12 Django versions 5.2 through 5.2.6 Description The django.utils.archive.extract function allows for potential directory traversal when handling archives with file paths that...

7.1CVSS6.7AI score0.00018EPSS

Exploits0References27

CVE•added 2025/10/01 12:0 a.m.•17 views

CVE-2025-59682

The CVE-2025-59682 issue affects Django versions 4.2<4.2.25, 5.1<5.1.13, and 5.2

6.5CVSS6.5AI score0.00018EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2025/10/01 12:0 a.m.•2 views

CVE-2025-59682

3.1CVSS6.5AI score0.00018EPSS

Exploits0References3

AlpineLinux•added 2025/10/01 12:0 a.m.•5 views

CVE-2025-59682

6.5CVSS6.9AI score0.00018EPSS

Exploits0

OSV•added 2024/03/06 10:54 a.m.•39 views

BIT-DJANGO-2021-3281

In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows directory traversal via an archive with absolute paths or relative paths with dot segments...

5.3CVSS5.5AI score0.41482EPSS

Exploits1References6

Packet Storm•added 2024/02/26 12:0 a.m.•240 views

Backdoor.Win32.AutoSpy.10 MVID-2024-0671 Remote Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/b012704cad2bae6edbd23135394b9127.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.AutoSpy.10 Vulnerability: Unauthenticated Remote Command Execution...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by