Количество 6
Количество 6
CVE-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory.
CVE-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory.
CVE-2025-59682
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13 ...
GHSA-q95w-c7qg-hrff
Django vulnerable to partial directory traversal via archives
BDU:2025-12661
Уязвимость функции django.utils.archive.extract() программной платформы для веб-приложений Django, позволяющая нарушителю обойти ограничения безопасности
SUSE-SU-2025:03446-1
Security update for python-Django
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-59682 An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory. | CVSS3: 3.1 | 0% Низкий | около 1 месяца назад |
 | CVE-2025-59682 An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory. | CVSS3: 3.1 | 0% Низкий | около 1 месяца назад |
| CVE-2025-59682 An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13 ... | CVSS3: 3.1 | 0% Низкий | около 1 месяца назад |
| GHSA-q95w-c7qg-hrff Django vulnerable to partial directory traversal via archives | CVSS3: 3.1 | 0% Низкий | около 1 месяца назад |
 | BDU:2025-12661 Уязвимость функции django.utils.archive.extract() программной платформы для веб-приложений Django, позволяющая нарушителю обойти ограничения безопасности | CVSS3: 3.1 | 0% Низкий | около 1 месяца назад |
 | SUSE-SU-2025:03446-1 Security update for python-Django | около 1 месяца назад |
Уязвимостей на страницу