29 matches found
django: Potential directory-traversal via archive.extract()
A flaw was found in django where thedjango.utils.archive.extract function, used by startapp --template and startproject --template, allowed directory-traversal via an archive with absolute paths or relative paths with dot segments...
django: Potential directory-traversal via archive.extract()
A flaw was found in django where thedjango.utils.archive.extract function, used by startapp --template and startproject --template, allowed directory-traversal via an archive with absolute paths or relative paths with dot segments...
Django Directory Traversal via archive.extract
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows directory traversal via an archive with absolute paths or relative paths with dot segments...
GHSA-FVGF-6H6H-3322 Django Directory Traversal via archive.extract
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows directory traversal via an archive with absolute paths or relative paths with dot segments...
django: Potential directory-traversal via archive.extract()
A flaw was found in django where thedjango.utils.archive.extract function, used by startapp --template and startproject --template, allowed directory-traversal via an archive with absolute paths or relative paths with dot segments...
PYSEC-2021-9
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows directory traversal via an archive with absolute paths or relative paths with dot segments...
PYSEC-2021-9
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows directory traversal via an archive with absolute paths or relative paths with dot segments...
UBUNTU-CVE-2021-3281
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows directory traversal via an archive with absolute paths or relative paths with dot segments...
PT-2021-3618 · Django +3 · Django +3
Name of the Vulnerable Software and Affected Versions: Django versions 2.2 before 2.2.18 Django versions 3.0 before 3.0.12 Django versions 3.1 before 3.1.6 Description: The issue is related to the django.utils.archive.extract method, which is used by "startapp --template" and "startproject...