CVE-2021-31542

Publication date

2021-05-05 00:00:00

Family

mitre

State

PUBLISHED

Description

In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.