14 lines
1011 B
JSON
14 lines
1011 B
JSON
{
|
|
"id": "openEuler-SA-2023-1286",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1286",
|
|
"title": "An update for python-django is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1",
|
|
"severity": "Critical",
|
|
"description": "A high-level Python Web framework that encourages rapid development and clean, pragmatic design.\r\n\r\nSecurity Fix(es):\r\n\r\nIn Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's \"Uploading multiple files\" documentation suggested otherwise.(CVE-2023-31047)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2023-31047",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31047",
|
|
"severity": "Critical"
|
|
}
|
|
]
|
|
} |