20 matches found
Astra Linux - уязвимость в python-django
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows for directory traversal through archives that contain absolute or relative paths with dot segments...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-006303)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006303 advisory. An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the startapp...
BIT-DJANGO-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common...
django: Potential partial directory-traversal via archive.extract()
A flaw was found in Django. The django.utils.archive.extract function, used by startapp --templateand startproject --template, allowed partial directory-traversal via an archive with file paths sharing a common prefix with the target directory...
Linux Distros Unpatched Vulnerability : CVE-2025-59682
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the startapp...
Relative Path Traversal
Overview Affected versions of this package are vulnerable to Relative Path Traversal via the django.utils.archive.extract function used by startapp --template and startproject --template. An attacker can modify files outside the intended extraction directory by crafting an archive with file paths...
CVE-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common...
CVE-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common...
UBUNTU-CVE-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common...
PT-2025-40291
Name of the Vulnerable Software and Affected Versions Django versions 4.2 through 4.2.24 Django versions 5.1 through 5.1.12 Django versions 5.2 through 5.2.6 Description The django.utils.archive.extract function allows for potential directory traversal when handling archives with file paths that...
CVE-2025-59682
The CVE-2025-59682 issue affects Django versions 4.2<4.2.25, 5.1<5.1.13, and 5.2
CVE-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common...
CVE-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common...
django: Potential directory-traversal via archive.extract()
A flaw was found in django where thedjango.utils.archive.extract function, used by startapp --template and startproject --template, allowed directory-traversal via an archive with absolute paths or relative paths with dot segments...
django: Potential directory-traversal via archive.extract()
A flaw was found in django where thedjango.utils.archive.extract function, used by startapp --template and startproject --template, allowed directory-traversal via an archive with absolute paths or relative paths with dot segments...
GHSA-FVGF-6H6H-3322 Django Directory Traversal via archive.extract
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows directory traversal via an archive with absolute paths or relative paths with dot segments...
django: Potential directory-traversal via archive.extract()
A flaw was found in django where thedjango.utils.archive.extract function, used by startapp --template and startproject --template, allowed directory-traversal via an archive with absolute paths or relative paths with dot segments...
PYSEC-2021-9
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows directory traversal via an archive with absolute paths or relative paths with dot segments...
UBUNTU-CVE-2021-3281
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows directory traversal via an archive with absolute paths or relative paths with dot segments...
PT-2021-3618 · Django +3 · Django +3
Name of the Vulnerable Software and Affected Versions: Django versions 2.2 before 2.2.18 Django versions 3.0 before 3.0.12 Django versions 3.1 before 3.1.6 Description: The issue is related to the django.utils.archive.extract method, which is used by "startapp --template" and "startproject...