what you don't know can hurt you
Showing 1 - 3 of 3 RSS Feed

CVE-2021-31542

Status Candidate

Overview

In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.

Related Files

Red Hat Security Advisory 2021-4702-01
Posted Nov 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4702-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include XML injection, code execution, denial of service, information leakage, local file inclusion, man-in-the-middle, memory leak, open redirection, password leak, remote file inclusion, remote shell upload, and traversal vulnerabilities.

tags | advisory, remote, denial of service, shell, local, vulnerability, code execution, memory leak, file inclusion
systems | linux, redhat
advisories | CVE-2019-14853, CVE-2019-14859, CVE-2019-25025, CVE-2020-14343, CVE-2020-26247, CVE-2020-8130, CVE-2020-8908, CVE-2021-20256, CVE-2021-21330, CVE-2021-22885, CVE-2021-22902, CVE-2021-22904, CVE-2021-28658, CVE-2021-29509, CVE-2021-31542, CVE-2021-32740, CVE-2021-33203, CVE-2021-33503, CVE-2021-33571, CVE-2021-3413, CVE-2021-3494
MD5 | 15d37f280e159b35ed6469b1f97ed672
Ubuntu Security Notice USN-4932-2
Posted May 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4932-2 - USN-4932-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-31542
MD5 | 154fb54d376a39328dac652b07c44eee
Ubuntu Security Notice USN-4932-1
Posted May 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4932-1 - It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-31542
MD5 | e30dd2745c21882baa62f2cb57551cf5
Page 1 of 1
Back1Next

File Archive:

December 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    18 Files
  • 2
    Dec 2nd
    11 Files
  • 3
    Dec 3rd
    23 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close