vulnerability
Arch Linux: Directory traversal (CVE-2021-33203)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Jun 8, 2021 | Jul 11, 2025 | Nov 27, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
Jun 8, 2021
Added
Jul 11, 2025
Modified
Nov 27, 2025
Description
A security issue has been found in Django before version 3.2.4. Staff members could use the admindocs TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by the developers to also expose the file contents, then not only the existence but also the file contents would have been exposed.
Solution
arch-linux-upgrade-latest
References
- CVE-2021-33203
- https://attackerkb.com/topics/CVE-2021-33203
- URL-https://docs.djangoproject.com/en/3.2/releases/security/
- URL-https://groups.google.com/forum/#%21forum/django-announce
- URL-https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV/
- URL-https://security.archlinux.org/ASA-202106-41
- URL-https://security.netapp.com/advisory/ntap-20210727-0004/
- URL-https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
- CWE-22
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.