Wind River Support Network

HomeDefectsLIN1021-2159
Fixed

LIN1021-2159 : Security Advisory - python-django - CVE-2021-44420

Created: Dec 7, 2021    Updated: Jan 16, 2022
Resolved Date: Jan 16, 2022
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.

https://nvd.nist.gov/vuln/detail/CVE-2021-44420
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube