CVE-2021-45452
pypi/Django
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Storage.save in Django allows directory traversal if crafted filenames are directly passed to it.
All versions starting from 2.2 before 2.2.26, all versions starting from 3.2 before 3.2.11, all versions starting from 4.0 before 4.0.1
Upgrade to versions 2.2.26, 3.2.11, 4.0.1 or above.
2022-01-13
source |