Описание
django-helpdesk Allows Sensitive Data Exposure
django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in models.py.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-25111
- https://github.com/django-helpdesk/django-helpdesk/issues/591
- https://github.com/django-helpdesk/django-helpdesk/pull/1120
- https://github.com/django-helpdesk/django-helpdesk/commit/f872ec252769bee5a88b06d07d3634e580c67bcc
- https://github.com/django-helpdesk/django-helpdesk/releases/tag/v1.0.0
- https://github.com/pypa/advisory-database/tree/main/vulns/django-helpdesk/PYSEC-2025-44.yaml
Пакеты
Наименование
django-helpdesk
pip
Затронутые версииВерсия исправления
< 1.0.0
1.0.0
Связанные уязвимости
CVSS3: 5.1
nvd
8 месяцев назад
django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in models.py.