Lucene search

Django-S3File Security Vulnerabilities

cve

CVE-2022-24840

django-s3file is a lightweight file upload input for Django and Amazon S3 . In versions prior to 5.5.1 it was possible to traverse the entire AWS S3 bucket and in most cases to access or delete files. If the AWS_LOCATION setting was set, traversal was limited to that location only. The issue was di...

9.8CVSS

9.3AI Score

0.003EPSS

2022-06-09 04:15 AM