vulnerability
Oracle Linux: (CVE-2021-28658) ELSA-2022-9341: ol-automation-manager security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | 2021-04-06 | 2022-04-28 | 2024-08-06 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
2021-04-06
Added
2022-04-28
Modified
2024-08-06
Description
In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.
Solution(s)
oracle-linux-upgrade-ol-automation-manageroracle-linux-upgrade-ol-automation-manager-clioracle-linux-upgrade-python3-olamkit
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.