CVE-2020-24583
pypi/Django
Incorrect Default Permissions
An issue was discovered in Django (when Python + is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS
mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic
management command.
All versions starting from 2.2 before 2.2.16, all versions starting from 3.0 before 3.0.10, all versions starting from 3.1 before 3.1.1
Upgrade to versions 2.2.16, 3.0.10, 3.1.1 or above.
2020-09-12
source |