#35817: Regression in default_storage.save(path, source)
-------------------------------------+-------------------------------------
Reporter: Caram | Owner: (none)
Type: Bug | Status: new
Component: File | Version: 5.1
uploads/storage |
Severity: Release blocker | Resolution:
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Caram):
Actually this was introduced in 5.0.7: CVE-2024-39330: Potential
directory-traversal via `Storage.save()`
--
Ticket URL: <https://code.djangoproject.com/ticket/35817#comment:1>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/0107019265f2890d-d291e1c6-4441-469c-94be-76d7fe16ed1f-000000%40eu-central-1.amazonses.com.
