Explore top 10 tips to secure your open-source projects now. Read More
×
Django could be made to expose sensitive information if it received
an specially crafted input.
Software Description:
- python-django: High-level Python web development framework
Details:
It was discovered that Django incorrectly handled certain FileResponse.
An attacker could possibly use this issue to expose sensitive information
or gain access over user machine.
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: python3-django 2:3.2.12-2ubuntu1.2 Ubuntu 20.04 LTS: python3-django 2:2.2.12-1ubuntu0.13 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-5549-1
CVE-2022-36359
Get the latest Linux and open source security news straight to your inbox.