VulnerableCode Package Details - pkg:alpm/archlinux/python-django@3.1-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-3a3r-69cy-aaac Aliases: BIT-2020-24583 BIT-django-2020-24583 CVE-2020-24583 GHSA-m6gj-h9gm-gw44 PYSEC-2020-33	An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.	3.1.1-1 Affected by 0 other vulnerabilities.
VCID-xt1e-w2jw-aaaq Aliases: BIT-2020-24584 BIT-django-2020-24584 CVE-2020-24584 GHSA-fr28-569j-53c4 PYSEC-2020-34	An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077.	3.1.1-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-3a3r-69cy-aaac
Aliases:
BIT-2020-24583
BIT-django-2020-24583
CVE-2020-24583
GHSA-m6gj-h9gm-gw44
PYSEC-2020-33

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.

3.1.1-1
Affected by 0 other vulnerabilities.

VCID-xt1e-w2jw-aaaq
Aliases:
BIT-2020-24584
BIT-django-2020-24584
CVE-2020-24584
GHSA-fr28-569j-53c4
PYSEC-2020-34

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077.

3.1.1-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:49.287207+00:00	Arch Linux Importer	Affected by	VCID-3a3r-69cy-aaac	https://security.archlinux.org/AVG-1217	36.0.0
2025-03-28T07:46:49.255095+00:00	Arch Linux Importer	Affected by	VCID-xt1e-w2jw-aaaq	https://security.archlinux.org/AVG-1217	36.0.0
2024-10-12T00:59:57.230258+00:00	Arch Linux Importer	Affected by	VCID-3a3r-69cy-aaac	https://security.archlinux.org/AVG-1217	34.0.2
2024-10-12T00:59:57.203416+00:00	Arch Linux Importer	Affected by	VCID-xt1e-w2jw-aaaq	https://security.archlinux.org/AVG-1217	34.0.2
2024-09-18T02:02:10.135661+00:00	Arch Linux Importer	Affected by	VCID-3a3r-69cy-aaac	https://security.archlinux.org/AVG-1217	34.0.1
2024-09-18T02:02:10.106872+00:00	Arch Linux Importer	Affected by	VCID-xt1e-w2jw-aaaq	https://security.archlinux.org/AVG-1217	34.0.1
2024-04-23T19:47:34.036790+00:00	Arch Linux Importer	Affected by	VCID-3a3r-69cy-aaac	https://security.archlinux.org/AVG-1217	34.0.0rc4
2024-04-23T19:47:34.014829+00:00	Arch Linux Importer	Affected by	VCID-xt1e-w2jw-aaaq	https://security.archlinux.org/AVG-1217	34.0.0rc4
2024-01-03T22:28:12.560248+00:00	Arch Linux Importer	Affected by	VCID-3a3r-69cy-aaac	https://security.archlinux.org/AVG-1217	34.0.0rc1
2024-01-03T22:28:12.535807+00:00	Arch Linux Importer	Affected by	VCID-xt1e-w2jw-aaaq	https://security.archlinux.org/AVG-1217	34.0.0rc1