CVE-2020-24583: Incorrect Default Permissions
(updated )
An issue was discovered in Django (when Python + is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS
mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic
management command.
References
Detect and mitigate CVE-2020-24583 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →