CVE-2020-24583 log

Source
Severity Medium
Remote Yes
Type Access restriction bypass
Description
An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.
Group Package Affected Fixed Severity Status Ticket
AVG-1217 python-django 3.1-1 3.1.1-1 Medium Fixed FS#67794
Date Advisory Group Package Severity Type
03 Sep 2020 ASA-202009-4 AVG-1217 python-django Medium multiple issues
References
https://www.djangoproject.com/weblog/2020/sep/01/security-releases/
https://github.com/django/django/commit/934430d22aa5d90c2ba33495ff69a6a1d997d584