vulnerability

Alpine Linux: CVE-2020-24583: Incorrect Default Permissions

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	2020-09-01	2021-01-04	2024-10-02

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

2020-09-01

Added

2021-01-04

Modified

2024-10-02

Description

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.

Solution(s)

alpine-linux-upgrade-py-djangoalpine-linux-upgrade-py3-django

References

CVE-2020-24583
https://attackerkb.com/topics/CVE-2020-24583
URL-https://security.alpinelinux.org/vuln/CVE-2020-24583

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today