vulnerability
Alpine Linux: CVE-2021-3281: Path Traversal
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | Feb 2, 2021 | Aug 22, 2024 | Oct 2, 2024 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
Feb 2, 2021
Added
Aug 22, 2024
Modified
Oct 2, 2024
Description
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths with dot segments.
Solution
alpine-linux-upgrade-py3-django

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.