Safety vulnerability ID: 38752
The information on this page was manually curated by our Cybersecurity Intelligence Team.
[This advisory has been limited. Please create a free account to view the full advisory.]
Latest version: 6.0.1
A high-level Python web framework that encourages rapid development and clean, pragmatic design.
[This affected versions has been limited. Please create a free account to view the full affected versions.]
[This fixed versions has been limited. Please create a free account to view the full fixed versions.]
An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077.
MISC:https://docs.djangoproject.com/en/dev/releases/security/: https://docs.djangoproject.com/en/dev/releases/security/
MISC:https://groups.google.com/forum/#!topic/django-announce/Gdqn58RqIDM: https://groups.google.com/forum/#%21topic/django-announce/Gdqn58RqIDM
MISC:https://groups.google.com/forum/#!topic/django-announce/zFCMdgUnutU: https://groups.google.com/forum/#%21topic/django-announce/zFCMdgUnutU
MISC:https://www.djangoproject.com/weblog/2020/sep/01/security-releases/: https://www.djangoproject.com/weblog/2020/sep/01/security-releases/
MISC:https://www.openwall.com/lists/oss-security/2020/09/01/2: https://www.openwall.com/lists/oss-security/2020/09/01/2
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application