Описание
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| python-django | fixed | 3:3.2.15-1 | package | |
| python-django | not-affected | buster | package |
Примечания
https://www.openwall.com/lists/oss-security/2022/08/03/1
https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173 (main)
https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80 (3.2.15)
Introduced by: https://github.com/django/django/commit/a177f854c34718e473bcd0a2dc6c4fd935c8e327
EPSS
Связанные уязвимости
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.
Django vulnerable to Reflected File Download attack
Уязвимость программной платформы для веб-приложений Django, связанная с загрузкой кода без проверки его целостности, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS