Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-44420 - log back

CVE-2021-44420 edited at 07 Dec 2021 09:43:49

Severity

-	Unknown
+	Low

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Access restriction bypass

Description

+	A security issue has been found in Django before version 3.2.10. HTTP requests for URLs with trailing newlines could bypass an upstream access control based on URL paths.

References

+	https://www.djangoproject.com/weblog/2021/dec/07/security-releases/
+	https://github.com/django/django/commit/333c65603032c377e682cdbd7388657a5463a05a

Notes

CVE-2021-44420 created at 07 Dec 2021 09:41:46