FLAT-DEOZ5 – Vulnerability | Fluid Attacks Database

Database

Description

access restriction bypass

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	python-django	=2:2.2.24-1 \|\| >=0 <2:2.2.25-1~deb11u1	2:2.2.25-1~deb11u1
pypi	django	>=2.2a1 <2.2.25 \|\| >=3.0a1 <3.1.14 \|\| >=3.2a1 <3.2.10	2.2.25, 3.1.14, 3.2.10
debian 12	python-django	>=0 <2:3.2.10-1	2:3.2.10-1
debian 13	python-django	>=0 <2:3.2.10-1	2:3.2.10-1
debian 14	python-django	>=0 <2:3.2.10-1	2:3.2.10-1
alpm rolling_release	python-django	>=3.2.9-3 <3.2.10-1	3.2.10-1

Aliases

1. CVE-2021-444202. NVD-2021-444203. OSV-DEBIAN-2021-444204. OSV-2021-444205. GHSA-v6rh-hp5x-86rv6. GCVE-2021-444207. SECURITY-TRACKER-CVE-2021-44420

References

1. https://github.com/django/django/commit/d4dcd5b9dd9e462fec8220e33e3e6c822b7e88a62. https://docs.djangoproject.com/en/3.2/releases/security3. https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-439.yaml4. https://groups.google.com/forum/#!forum/django-announce5. https://lists.fedoraproject.org/archives/list/[email protected]/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV6. https://security.netapp.com/advisory/ntap-20211229-00067. https://www.djangoproject.com/weblog/2021/dec/07/security-releases8. https://www.openwall.com/lists/oss-security/2021/12/07/1

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.