Search for packages
| purl | pkg:alpm/archlinux/python-django@3.1.5-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-632q-8e7a-aaac
Aliases: BIT-2021-3281 BIT-django-2021-3281 CVE-2021-3281 GHSA-fvgf-6h6h-3322 PYSEC-2021-9 |
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths with dot segments. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:47:05.307219+00:00 | Arch Linux Importer | Affected by | VCID-632q-8e7a-aaac | https://security.archlinux.org/AVG-1518 | 36.0.0 |
| 2024-10-12T00:59:57.777233+00:00 | Arch Linux Importer | Affected by | VCID-632q-8e7a-aaac | https://security.archlinux.org/AVG-1518 | 34.0.2 |
| 2024-09-18T02:02:28.835652+00:00 | Arch Linux Importer | Affected by | VCID-632q-8e7a-aaac | https://security.archlinux.org/AVG-1518 | 34.0.1 |
| 2024-04-23T19:47:35.311739+00:00 | Arch Linux Importer | Affected by | VCID-632q-8e7a-aaac | https://security.archlinux.org/AVG-1518 | 34.0.0rc4 |
| 2024-01-03T22:28:29.656225+00:00 | Arch Linux Importer | Affected by | VCID-632q-8e7a-aaac | https://security.archlinux.org/AVG-1518 | 34.0.0rc1 |