Количество 8
Количество 8
BDU:2024-07170
Уязвимость функции generate_filename() класса django.core.files.storage.Storage программной платформы для веб-приложений Django, позволяющая нарушителю записывать произвольные файлы
CVE-2024-39330
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.)
CVE-2024-39330
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.)
CVE-2024-39330
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.)
CVE-2024-39330
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2. ...
GHSA-9jmf-237g-qf46
Django Path Traversal vulnerability
SUSE-SU-2024:2577-1
Security update for python-Django
SUSE-SU-2024:2545-1
Security update for python-Django
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-07170 Уязвимость функции generate_filename() класса django.core.files.storage.Storage программной платформы для веб-приложений Django, позволяющая нарушителю записывать произвольные файлы | CVSS3: 5.5 | 0% Низкий | 12 месяцев назад |
 | CVE-2024-39330 An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.) | CVSS3: 4.3 | 0% Низкий | 11 месяцев назад |
 | CVE-2024-39330 An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.) | CVSS3: 4.3 | 0% Низкий | 12 месяцев назад |
 | CVE-2024-39330 An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.) | CVSS3: 4.3 | 0% Низкий | 11 месяцев назад |
| CVE-2024-39330 An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2. ... | CVSS3: 4.3 | 0% Низкий | 11 месяцев назад |
| GHSA-9jmf-237g-qf46 Django Path Traversal vulnerability | CVSS3: 7.5 | 0% Низкий | 11 месяцев назад |
 | SUSE-SU-2024:2577-1 Security update for python-Django | 11 месяцев назад | ||
| SUSE-SU-2024:2545-1 Security update for python-Django | 11 месяцев назад |
Уязвимостей на страницу