CVE-2021-44420

Publication date

2021-12-07 22:55:40

Family

mitre

State

PUBLISHED

Description

In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.