Wind River Support Network

HomeDefectsLIN1018-8463
Not to be fixed

LIN1018-8463 : Security Advisory - python-django - CVE-2021-44420

Created: Dec 7, 2021    Updated: Nov 2, 2023
Resolved Date: Nov 2, 2023
Found In Version: 10.18.44.1
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace

Description

In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.

https://nvd.nist.gov/vuln/detail/CVE-2021-44420
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube