Количество 9
Количество 9
GHSA-q95w-c7qg-hrff
Django vulnerable to partial directory traversal via archives
CVE-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory.
CVE-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory.
CVE-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory.
CVE-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13 ...
BDU:2025-12661
Уязвимость функции django.utils.archive.extract() программной платформы для веб-приложений Django, позволяющая нарушителю обойти ограничения безопасности
openSUSE-SU-2025:20022-1
Security update for python-Django
SUSE-SU-2025:03446-1
Security update for python-Django
ROS-20251106-04
Множественные уязвимости python3-django
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-q95w-c7qg-hrff Django vulnerable to partial directory traversal via archives | CVSS3: 3.1 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-59682 An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory. | CVSS3: 3.1 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-59682 An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory. | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-59682 An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory. | CVSS3: 3.1 | 0% Низкий | 6 месяцев назад |
| CVE-2025-59682 An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13 ... | CVSS3: 3.1 | 0% Низкий | 6 месяцев назад |
 | BDU:2025-12661 Уязвимость функции django.utils.archive.extract() программной платформы для веб-приложений Django, позволяющая нарушителю обойти ограничения безопасности | CVSS3: 3.1 | 0% Низкий | 6 месяцев назад |
 | openSUSE-SU-2025:20022-1 Security update for python-Django | 5 месяцев назад | ||
| SUSE-SU-2025:03446-1 Security update for python-Django | 6 месяцев назад | ||
 | ROS-20251106-04 Множественные уязвимости python3-django | CVSS3: 7.1 | 5 месяцев назад |
Уязвимостей на страницу